Site doesn’t load – tries to download instead of loading in browser

Home Forums BulletProof Security Free Site doesn’t load – tries to download instead of loading in browser

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
  • #40135

    Hi, I woke up this morning to two client websites (both in same hosting account at Bluehost) doing that odd behavior that WordPress sites sometimes do when they’re unhappy – attempting to download the site instead of correctly loading it in a browser tab. I just got off a chat with Bluehost support and they were not able to do anything to help (support rep didn’t hae much code knowledge). Here’s what I’ve done and the results so far.

    1. deactivated all plugins using Bluehost’s management tool. No chagne in website behavior.

    2. renamed htaccess to disable it. This brings the site back up and I can again access admin.

    3. Quickly going to the BPS setup  wizard, I regenerate htaccess. Site is still okay, but…

    4. after just a minute or two (or a few, but it doesn’t take very long) a block of code is somehow and very mysteriously added to the bottom of the file. It looks pretty much like default WordPress htaccess code, but also has a PHP handler for PHP 7.0; the PHP handler at the top of the file is correctly set to PHP 7.4, so this creates a conflict and the site reverts to the download behavior.

    5. Bluehost support insists that this is not being done by the server, claims htaccess is infected, and starts a malware scan. That scan won’t complete until sometime between 1:15 and 1:45pm PT.

    So my client’s busy ecommerce website has already been down all morning and I’m no closer to a resolution. Currently htaccess is disabled so I have access to admin and the sites are loading, but as soon as I try to activate WooCommerce, down she goes again. While I wait for a reply I’m going to try and activate the other plugins and see if any other appear to be involved in this mess. Thanks for any help you can offer!


    I guess it would help for you to see the code that’s mysteriously added to the bottom of htaccess:

    # BEGIN WordPress
    # The directives (lines) between "BEGIN WordPress" and "END WordPress" are
    # dynamically generated, and should only be modified via WordPress filters.
    # Any changes to the directives between these markers will be overwritten.
    AddHandler application/x-httpd-php70 .php
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # END WordPress

    Note that there is already a PHP handler at the top of this htaccess file and it’s set to PHP 7.4. Really strange. Maddening, really.

    AITpro Admin

    The site is not infected so disregard what your web host said.  When an incorrect PHP handler is used files are downloaded instead of processed.  So yep the problem is that the PHP 7.0 handler is being added by something.  Do the steps below to fix this problem.

    1. Delete your Root htaccess file.
    Note: If the site is loading fine after deleting your root htaccess file then you do not need a PHP 7.4 handler or any PHP handler htaccess code.
    2. Login in to your site and go to BPS Root Custom Code.
    3. Check all BPS Root Custom Code text boxes for PHP handler htaccess code.  If your site loads fine without a PHP handler then delete any PHP handler htaccess code that you find in any Custom Code text boxes and click the Save Root Custom Code button.
    4. Go to the BPS Pro > B-Core > htaccess File Editor tab page > click the Lock htaccess File and Turn On AutoLock buttons.  If you see an error message like the root htaccess file does not exist then do step 5 first and then go back and do step 4.
    5. Go to the BPS Pro > Setup menu > Setup Wizard > run the Pre-Installation Wizard and Setup Wizard.


    What great information! I did not know that an incorrect PHP handler is used the site will try to download instead of loading properly in the browser (after being processed). I’ll go follow through on your guidance on both sites and I’ll come back to let you know how it went.


    PS, I knew the site (and even the server) couldn’t have been infected. I have BPS on each site on this account and since starting to use BPS (both free and Pro) I’ve never had a site hacked. 🙂

    AITpro Admin

    Your web host support tech should have known that an invalid PHP handler causes files to be downloaded instead of processed.  😉 That is a very common known problem.  Yeah you want to be selective about what kind of help you ask for from web host support folks.  They are not trained in WordPress (Core, Plugin or Theme fixes).  The only things you should be asking your web host support folks are things like this: Are there any server problems, I need my X password reset and that’s about it.  LOL


    I guess I’ve gotten spoiled. Most of my clients are hosted with GreenGeeks, and I have access to level 2 techs there who are very helpful. The Bluehost tech I spoke with today admitted she didn’t know much about code and that she didn’t have any higher level techs to escalate the ticket to. I’ll remember not to waste time with them going forward. I’m now implementing your fix on the second, not as important (because it’s not live yet) site. And it works beautifully…I was able to update the core, plugins and default theme with no trouble. You guys are such rock stars! Thank you so much for your help today. I’m going to go preemptively do the same on one last site on this account and call it a day.

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.