unable to activate or deactivate BPS Pro

Home Forums BulletProof Security Pro unable to activate or deactivate BPS Pro

This topic contains 25 replies, has 2 voices, and was last updated by  AbZu2 3 months ago.

Viewing 15 posts - 1 through 15 (of 26 total)
  • Author
    Posts
  • #37643

    AbZu2
    Participant

    Had deactivateed BPS to enable some host related maintenance and when  I activated again 5 alerts popped up:

    • AutoRestore|Quarantine Alert

    A file has been quarantined. Click Here  >> offers to download admin.php

    • A PHP Error has been logged in your PHP Error Log

    Click Here To go to the P-Security PHP Error Log page. >> offers to download admin.php

    • Login Security Alert

    Click Here to go to the Login Security page. >> offers to download admin.php

    • F-Lock Folder Lock Alert

    A Hosting Account Root Folder has been locked.
    Click Here to go to the F-Lock Folder Lock page. >> offers to download admin.php

    • Error: The BPS Pro Activation Key is not valid for this website

    Go to the BPS Pro Activation page and request a new BPS Pro Activation Key for this website. >> offers to download admin.php

    There are three options on the plugin:

    DEACTIVATE >> selecting that option >> offers to download plugins.php

    SETUP WIZARD >> selecting that option >> offers to download admin.php

    TROUBLESHOOT >> selecting that option >> offers to download plugins.php

    Don’t even know where to start. Had hoped that running through the setup wizards would have been all that was needed.

    Activation of BPS has crashed my site and when it is accessed a file is downloaded <download> with no file extension

    HELP !

    the site is https://www.abzu2.com/

    #37644

    AITpro Admin
    Keymaster

    The php file download problem is caused by missing or invalid php/php.ini handler htaccess code in your root htaccess file.  This forum topic explains the general steps to fix this problem > https://forum.ait-pro.com/forums/topic/wordpress-admin-php-file-downloaded-instead-of-being-processed/ Important Note: The forum topic is specifically about adding GoDaddy php/php.ini handler htaccess code to BPS Custom Code. You would find and add the correct php/php.ini handler htaccess code for your web host. Each web host has different php/php.ini handler htaccess code.

    Files were quarantined because the “AutoRestore|Quarantine Manual File Editing/Uploading Procedural Steps” below were not done prior to your web host performing maintenace/upgrades on your server/website.

    https://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/

    AutoRestore|Quarantine Manual File Editing/Uploading Procedural Steps
    AutoRestore|Quarantine (ARQ IDPS) is a real-time file monitor that monitors all of your website files for any changes. When manually uploading or modifying files or folders with FTP use these simple procedural steps to avoid having those files autorestored and/or quarantined. If files are sent to Quarantine then use the Restore File option in Quarantine to restore those files. ARQ is amazing, but it cannot tell who you are if you are manually modifying or uploading files or folders outside of your WordPress Dashboard – that is not possible.

    1. Turn AutoRestore Off on the AutoRestore page.
    2. Manually upload files or manually modify/edit files or folders.
    3. Click the appropriate AutoRestore Backup Files button: Root Files, wp-admin Files, wp-includes Files or wp-content Files Backup Files button or run the Setup Wizards.
    4. Turn AutoRestore back On.

    Once you fix the php/php.ini handler htaccess code issue you can then solve the other issues. Looks like you need to request a new BPS Pro Activation Key on the BPS Pro Activation page.

    The BPS Pro plugin is a very advanced plugin that has built-in On|Off capability and troubleshooting capability for all BPS Pro security features.  The BPS Pro plugin should never be deactivated for troubleshooting or doing server maintenance, website migrations, etc.  See this forum topic for the correct procedures to Turn Off BPS Pro security features when doing website migrations or maintenance or server upgrades/changes > https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407

    BPS Pro Troubleshooting Steps
    https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

    #37647

    AbZu2
    Participant

    Complicated. But I see that the first step is to add the php handler to .htaccess. The link provided is for GoDaddy. My host is Bluehost and my PHP is version: 7.2.7. So instead of :

    # Go Daddy PHP5.6 php/php.ini handler
    AddHandler x-httpd-php5-6 .php

    I assume that the correct text would therefore be:

    # BlueHost PHP7.2.7 php/php.ini handler
    AddHandler x-httpd-php7.2.7 .php

    The current PHP information in the .htaccess file is:

    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # Use PHP70CGI as default
    AddHandler fcgid70-script .php
    #37648

    AITpro Admin
    Keymaster

    Yep, the correct php/php.ini handler code is the PHP7.2.7 php/php.ini handler htaccess code since that is the PHP server version you want to use.

    #37649

    AbZu2
    Participant

    Followed the instructions exactly as listed in https://forum.ait-pro.com/forums/topic/wordpress-admin-php-file-downloaded-instead-of-being-processed/

    1. Use FTP or your web host control panel file manager and rename the /bulletproof-security/ plugin folder to /_bulletproof-security/.

    • Done
      2. Manually edit your root htaccess file and add the php/php.ini handler htaccess code that I posted above at the very top of your root htaccess file.
    • Done. Added >> # BlueHost PHP7.2.7 php/php.ini handler
      AddHandler x-httpd-php7.2.7 .php and deleted # Use PHP70CGI as default
      # AddHandler fcgid70-script .php
      3. Login to your website.
    • Done. Instead of download when I accessing the site I now get application/x-httpdphp (2.2 KB)
      4. Rename the /_bulletproof-security/ plugin folder back to /bulletproof-security/.
    • Done. No change to error. Tried two other browsers. Same problem. Reversed step 4 and 3. Same problem.

    ¿?

    Would it be of any help if I sent you a PM with the current text of my .htaccess file ? TIA

    #37650

    AbZu2
    Participant

    ¿Not getting notifications of follow-up replies via email?

    #37652

    AITpro Admin
    Keymaster

    Oh I did not see this comment you made – “I assume that the correct text would therefore be”.  The problem is that you have to use the exact correct php/php.ini handler htaccess code that your web host requires and for the PHP server version that you want to use.  BlueHost php/php.ini handler htaccess code is here > https://my.bluehost.com/hosting/help/htaccess-php-handlers, but I do not see php/php.ini handler htaccess code for PHP7.2.7. Try this php/php.ini handler htaccess code below.  If the code does not work then you will need to contact BlueHost support and get the correct php/php.ini handler htaccess code from them.

    # Use PHP7.2.7 as default
    AddHandler application/x-httpd-php7.2.7 .php

    Are you checking the correct email mailbox?  Check your junk or spam folder for forum email replies.

    #37656

    AbZu2
    Participant

    Contacted BlueHost and they informed me that php7.2.7 was breaking my site. It was changed to version 7.0.31
    They replaced the core files and changed the htaccess file. I can now access my site and admin dashboard. Before attempting to activate BPS again. Would like to know if there anything I should do. My current .htacces code is a s follows:

    
    # Use PHP7.0 as default
    AddHandler application/x-httpd-ea-php70 .php
    # BEGIN WordPress
    AddHandler application/php-70 .php
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType text/html "access plus 5 minutes"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 6 hours"
    </IfModule>
    <ifModule mod_headers.c>
    Header set X-Endurance-Cache-Level "2"
    </ifModule>
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    
    

     

    #37658

    AITpro Admin
    Keymaster

    Well BPS Pro should never be deactivated when doing things like this or pretty much anything else.  BPS Pro is a very advanced plugin that has On|Off capability for all BPS Pro security features.  If your web host or you are manually editing/changing files on your website/hosting account then you would just turn Off AutoRestore during that process.  Then do the rest of the AutoRestore|Quarantine Procedural Steps when manually modifying files in the link below.

    AutoRestore|Quarantine Standard Procedural Steps when manually modifying files

    http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#procedural-steps

    You are going to need to do these steps:
    1. Go to the WordPress Plugins page and click the Must-Use link at the top of the Plugins page. If AutoRestore is turned Off you will see – “AutoRestore is turned Off” in green font under the BPS Pro MU Tools must-use plugin.  If AutoRestore is not turned Off then click the “Turn Off AutoRestore” link to turn Off AutoRestore.
    2. Activate the BPS Pro Plugin.
    3. Now you want to copy your php/php.ini handler htaccess code to BPS Root Custom Code (see below for the code that you are going to copy to Custom Code – do not copy any of the other code that your host support folks added in your root htaccess file) in this Custom Code text box:  1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    4. Click the Save Root Custom Code button.
    5. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # Use PHP7.0 as default
    AddHandler application/x-httpd-ea-php70 .php
    AddHandler application/php-70 .php
    #37659

    AbZu2
    Participant

    Thanks for the reply. At least BlueHost made it possible for me to access my site and admin dashboard that now allows me to follow your recommendations.

    Step 1. BPS Pro MU Tools was Disabled >> Enabled

    Did not see AutoRestore is turned off and failed to see any option to Turn Off AutoRestore

    If AutoRestore is turned Off you will see – “AutoRestore is turned Off” in green font under the BPS Pro MU Tools must-use plugin. If AutoRestore is not turned Off then click the “Turn Off AutoRestore” link to turn Off AutoRestore.

    Crashed my site again after Step 2. Activate the BPS Pro Plugin. Loading my site returns >> application/x-httpd-php (269 bytes)

    🙁

    After activating BPS in Step 2 the following showed up on my WP admin dashboard (that now can’t be accessed):

    https://prnt.sc/ogealu

    Now I am getting a slew of email notifications that a file has been quarantined:

    <span style=”color: #fb0101;”>A file has been sent to Quarantine</span>

    Total Number of Files Quarantined: <span style=”color: blue;”>105</span>

    To view the file that was quarantined, log into your website and go to the BPS Pro Quarantine page.

    As I can not access my WP admin dashboard it is therefore impossible to go to any of the BPS options 🙁 🙁

    #37661

    AITpro Admin
    Keymaster

    Ok then you have an older version of BPS Pro installed.  BPS Pro 14 is the newest version and a new feature was added to turn off AutoRestore using the new Must-Use plugin link.  You are going to need to do the steps below to get everything fixed.  It’s a shame you deactivated the BPS Pro plugin since that makes things very complicated instead of just turning AutoRestore Off.  Oh well, live and learn (the hard way LOL).  Hey but it’s always more fun to do 10 steps instead of 1 step.  🙂  I have a feeling you are going to remember to use the simple “AutoRestore|Quarantine Standard Procedural Steps when manually modifying files” method next time after this bad experience. LOL. Don’t feel too bad, I work on Classic cars and once blew up a car engine because I did not follow procedural steps. That was a very hard and expensive lesson. 😉

    1. Use FTP or your web host control panel file manager and rename the /_bulletproof-security/ back to /bulletproof-security/.
    2. Edit your Root htaccess file and add the code that your web host gave you (see your own forum reply above for that code).
    3. Login to your web host control panel.
    4. Login to PhpMyAdmin.
    5. Do a search in this WordPress Database Table: xx_options for this BPS Pro AutoRestore option setting name: bulletproof_security_options_ARCM.
    6. Delete the bulletproof_security_options_ARCM database option setting. AutoRestore will now be turned Off.
    7. Go to the WordPress Plugins page and activate BPS Pro. Files will not be quarantined since AutoRestore is turned Off.
    8. Now you want to copy your php/php.ini handler htaccess code to BPS Root Custom Code (see below for the code that you are going to copy to Custom Code – do not copy any of the other code that your host support folks added in your root htaccess file) in this Custom Code text box:  1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    9. Click the Save Root Custom Code button.
    10. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # Use PHP7.0 as default
    AddHandler application/x-httpd-ea-php70 .php
    AddHandler application/php-70 .php
    #37667

    AbZu2
    Participant

    Want to get out of my mess and do it right, so please bear with me on the clarifications of certain details.

    Step 1 >> Done

    Step 2 >> If I understand your instructions correctly, the original PHP code from BlueHost should replace the code generated after activating BPS in the .htaccessfile which now has:

    
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # Use PHP70CGI as default
    AddHandler fcgid70-script .php
    
    

    The original PHP code that BlueHost had was:

    
    # Use PHP7.0 as default
    AddHandler application/x-httpd-ea-php70 .php
    
    

    … leaving the rest of the information generated in .htaccess by BPS alone.

    FYI, I have BULLETPROOF PRO 13.7 installed

    #37668

    AITpro Admin
    Keymaster

    Nope, you want to delete all of the code in the Root htaccess file and ONLY use the code that your web host gave to you.  Use ALL of the code that they gave to you (use the exact code that your web host gave to you shown below).  Then continue on with the rest of the steps.

    # Use PHP7.0 as default
    AddHandler application/x-httpd-ea-php70 .php
    # BEGIN WordPress
    AddHandler application/php-70 .php
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType text/html "access plus 5 minutes"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 6 hours"
    </IfModule>
    <ifModule mod_headers.c>
    Header set X-Endurance-Cache-Level "2"
    </ifModule>
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    #37669

    AbZu2
    Participant

    Step 5 > Fail to find bulletproof_security_options_ARCM in the WordPress Database Table: xx_options

    Sending you a screenshot of all the BPS options available in that database

    https://prnt.sc/ogewlr

    #37670

    AITpro Admin
    Keymaster

    You need to search in the WordPress xx_options database table.  For your website that would be this database table:  qxd_options.

Viewing 15 posts - 1 through 15 (of 26 total)

You must be logged in to reply to this topic.