Check quarantined files – MainWP htaccess code

[Ljubomir Manojlovic]

I’m not exactly sure (I’m doing updates via MainWP – so, remotelly), but I guess how I get quarantined .htaccess after today updates. I guess how it is caused by W3TC. All issues are that I don’t have any idea how to check it (compare .htaccess before and after) as have no idea did BPS have any mechanism for that. I know how to do it manually, but counting of numbers of servers that I need now to manually check …. that is a HUGE JOB. Issue is that log file not tell me how it happened (some sort of – who want to change it and what is changed). Any advice (what to do)?

[AITpro Admin]

You can check quarantined files in Quarantine by selecting the View File option.  That would allow you to compare the current htaccess file vs the quarantined htaccess file.  You can lock the root htaccess file on the BPS Pro > B-Core > htaccess File Editor tab page to prevent this problem from occurring in the future.

See this MainWP forum topic for the steps to save MainWP htaccess code permanently in BPS Custom Code > https://forum.ait-pro.com/forums/topic/mainwp-wants-to-write-to-htaccess/

[Ljubomir Manojlovic]

Thanks. That should be just great solution for all similar situations.

[Ljubomir Manojlovic]

You pointed link with 5 step instruction how to handle site under MainWP remote control. I have some questions.

• As I install BPS as last plugin on one site (in most cases), am I wrong if I think how I should not to have issues with updates committed trough MainWP, as vs your instructions appear how MainWP already left his codes in .htaccess file before BPS locks it (as BPS wasn’t installed), as by connecting child site (object of this topic) I always install remotely Updraft Plus for backup.

So, is it right or wrong that there should no need for any additional settings provided in your link?

• If it is right, why I get quarantined my .htaccess file after W3TC remote update (by MainWP)?

[AITpro Admin]

The order of Plugin installations and upgrades is not the issue.  The issue is that AutoRestore|Quarantine monitors all of your website files for any changes.  If you upgrade or install Plugins and Themes within your WordPress Dashboard then AutoRestore|Quarantine will automatically turn itself Off, backup files and then automatically turn itself back On because AutoRestore|Quarantine is hooked into the WordPress Upgrader functions with Actions and Filters.  If you are upgrading or installing Plugins or Themes manually (outside of your WordPress Dashboard) or manually editing or uploading files to your website  (hosting account control panel or FTP) then AutoRestore|Quarantine cannot tell who you are or if the file changes are legitimate or a hacker.

I am pretty sure that MainWP hooks into the WordPress Upgrader functions when it remotely installs or upgrades Plugins and Themes.  I am definitely sure that ManageWP hooks into the WP upgrader_pre_install and upgrader_post_install filters for Plugin and Theme updates, which works seamlessly with AutoRestore|Quarantine automation since BPS Pro AutoRestore|Quarantine is also hooked into the WordPress Upgrader functions.

So I think what you should do is to read the AutoRestore|Quarantine Guide to get familiar with how ARQ IDPS works > https://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/.  If you are manually editing or uploading or installing things outside of your WordPress Dashboard then use the “AutoRestore|Quarantine Manual File Editing/Uploading Procedural Steps” below.  You can also choose the “AutoRestore|Quarantine Manual File Editing/Uploading Procedural Steps” below to do things manually when installing or upgrading Plugins and Themes remotely instead of using ARQ IDPS Automation.

AutoRestore|Quarantine Manual File Editing/Uploading Procedural Steps
AutoRestore|Quarantine (ARQ IDPS) is a real-time file monitor that monitors all of your website files for any changes. When manually uploading or modifying files or folders with FTP use these simple procedural steps to avoid having those files autorestored and/or quarantined. If files are sent to Quarantine then use the Restore File option in Quarantine to restore those files. ARQ is amazing, but it cannot tell who you are if you are manually modifying or uploading files or folders outside of your WordPress Dashboard – that is not possible.

1. Turn AutoRestore Off on the AutoRestore page.
2. Manually upload files or manually modify/edit files or folders.
3. Click the appropriate AutoRestore Backup Files button: Root Files, wp-admin Files, wp-includes Files or wp-content Files Backup Files button or run the Setup Wizards.
4. Turn AutoRestore back On.

—————————————-

If it is right, why I get quarantined my .htaccess file after W3TC remote update (by MainWP)

You should lock your Root htaccess file on the BPS Pro > B-Core > htaccess File Editor tab page to prevent the Root htaccess file from being quarantined when installing or upgrading Plugins using MainWP.  Anytime you make a change to a caching plugin, such as W3TC you should rerun the BPS Pro Setup Wizard.  The BPS Pro Setup Wizard has a feature called Setup Wizard AutoFix, which will automatically hook into W3TC and grab any changes in W3TC htaccess code and automatically add/save those new changes in BPS Custom Code and in your Root htaccess file.

[Ljubomir Manojlovic]

Well, if I understand you well, I actually not benefit anything to update trough MainWP. It looks much more simple to use MainWP only to be notified about needed updates and than to use aging MainWP to easy login to client site and than to update it from client site directly.

Every other option require manual fixes and that is impossible to do on 100 (ie) sites (possible, yes, but nonsense).

Please correct me if I’m wrong.

[AITpro Admin]

Oh I did not realize you were doing remote installations and upgrades for so many websites.  Unfortunately, you will need to copy the MainWP htaccess code to BPS Custom Code first and then lock the Root htaccess file after you have added the MainWP htaccess code for each website.  Everything else after that can be done remotely.

[AITpro Admin]

Or another possibility is that you only need the MainWP htaccess code temporarily or not at all.  So that would just mean that AutoRestore would quarantine the root htaccess file that MainWP updated/edited during an upgrade/installation and you would then just need to delete the quarantined root htaccess file for each website or simply just leave the quarantined root htaccess file in quarantine.

[Ljubomir Manojlovic]

Here are now several things.

• At moment I have over 30 sites (most still under iThemes SP, just couple started to transfer on BPS). I have strong reasons to expect this year over 100 sites (so, that is my concerning).
• Your first option from first reply should be something what I expect. Here is reason why I asked that about installation order (watching 5 steps from your first link), as by that – it appear how .htaccess file already should to have that MainWP code (as Updraft is remotely installed). So, as from your other topics and tutorials appear how BPS actually lock EXISTING .htaccess file, I by myself figured how that MainWP already must to be inside of the .htaccess file locked by BPS.

I now figured that is the best to go step by step.

So, for begin – please just answer on that – should be MainWP code already be inside .htaccess file locked by BPS or not (as Updraft is remotely installed)?

[AITpro Admin]

In my personal and professional opinion this is the way I would do things if these were my sites:

1. Get the MainWP htaccess code > https://mainwp.com/help/docs/set-up-the-mainwp-plugin/mainwp-dashboard-settings/
2. Copy it into BPS Custom Code for each site individually and click the Save Root Custom Code button > https://forum.ait-pro.com/forums/topic/mainwp-wants-to-write-to-htaccess/#post-36474
3. Go to the BPS htaccess File Editor tab page and lock your Root htaccess file.
4. Run the BPS Pro Pre-Installation Wizard and Setup Wizard.

[Ljubomir Manojlovic]

This is now some progress.

• For testing purpose I set one server without BPS and I performed procedure (so, Updraft is installed) and I have in my .htaccess file next code automatically

# BEGIN MainWP
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-content/plugins/mainwp-child/(.*)$ /wp-content/plugins/THIS_PLUGIN_DOES_NOT_EXIST [QSA,L]
</IfModule>

# END MainWP

• It mean that also when BPS is installed, it should be there. Considering your other replies in other topics, I should actually not need to do anything else.
• However, regards your last reply, it looks that I should to do something. That is that above code I should to insert in Custom Codes (despite that it should be get by itself by BPS). After that to follow other steps from your reply.

Is it right and everything what should to be done?

[AITpro Admin]

Yes, I would use the steps that I posted above if these were my websites.  So yeah I would copy the MainWP htaccess code into BPS Custom Code as soon as BPS was installed.  Or in other words, the first step that I would do after installing BPS on a website would be to copy the MainWP htaccess code to BPS Custom Code.  You can of course choose any other order or steps that you would like to use instead.

[Ljubomir Manojlovic]

That will be just fine (I mean, your answer is precise, as always).

Finally, here is last question (I think) about this topic. Do you think how after such procedure, plugins like W3TC (with ocassional system files altering, like last W3TC update altered .htaccess), will not be anymore issue? I mean, such change, BPS will not anymore quaranain?

[AITpro Admin]

It does not matter if the root htaccess file is quarantined at any time for any reason because you can always generate a new one.  What is important to do is to look at the quarantined Root htaccess file in Quarantine using the “View” option to see what was added/changed.  So that you can see what changed.  In the case of W3TC if W3TC causes the root htaccess file to be quarantined then you can delete the root htaccess file from Quarantine because the BPS Pro Setup Wizard has a feature called > Setup Wizard AutoFix which automatically corrects/changes/adds/saves W3TC htaccess code in BPS Custom Code and your Root htaccess file each time your run the Setup Wizard.  Or in other words, rerunning the Setup Wizard fixes any/all issues/problems with W3TC htaccess code and of course many other things.  The Setup Wizard can be rerun at any time.

[Ljubomir Manojlovic]

Thanks. I think how that should be all.

[Author]

Posts