I have a variation on the old WordPress problem regarding permalinks failing (404 errors) when permalinks are set to anything other than 'plain' (where plain = http://example.com/?p=123 and a 'pretty' URL = http://example.com/sample-post/ - taking the URL content from the article title, for example).
For the first time I am starting a site on a virtual rather than dedicated server (Hetzner hosted), where I at least was able to easily read the httpd.conf settings and other server configurations.
To recap here, the problem is that neither WordPress nor the default server settings are usually ready for the URL rewriting that allows 'pretty' URLs out of the box. When confronted with this problem before, on dedicated servers, I would ensure that AllowOverride was set to 'all' or '[directory]' and then would put in an .htaccess file into the web's document root with this traditional solver:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
However this does not work on my Hetzner server. I put in the above code to an .htaccess file, set the permissions correctly and restarted. But the front page still shows links to the article lists, but the articles themselves all still throw that old 404 error.
The only access I have to the core server directives is drip-fed out in sections and radio-buttons etc via Plesk. I can't even open up the httpd settings read only to see how AllowOverride is set. Hetzner consider this a 'software problem', and therefore unsupported.
There is a section in Plesk where you can add additional Apache and Nginx directives (with duplicate boxes for http and https for Apache). I tried this in the Apache boxes and rebooted, but it didn't help (obviously this is not the actual URL I wrote):
<Directory "/var/www/vhosts/example.com/httpdocs/">
AllowOverride All
</Directory>
If anyone has any suggestions as to how I can get the usual rewrite fix in, in these circumstances, it would be much appreciated.
Okay, the problem was an obscure one, as it turned out. The virtual server was running Nginx on top of Apache, and I needed to install a plugin via Plesk which provides an 'ht access translator' for Nginx in Plesk. I pasted the rewrite directives there, they were 'translated' to Nginx-understandable commands, and the problem is solved.
Related
I am new to Wordpress but tried all documentation and Stack Overflow posts for possible solutions but none of them have worked so far.
I have verified that mod rewrite is enabled and working as expected. Followed all steps mentioned here. https://wordpress.stackexchange.com/questions/105795/remove-index-php-from-permalinks
Also restarted Apache couple of times but still getting 404 errors when I remove index.php path from Permalink Settings.
Renamed the wordpress directory to blog to access the site at www.xyz.com/blog. Now the requirement is to access any blog posts with
www.xyz.com/blog/2018/02/09/my-wp-post without index.php in the URLs.
We don't have any other CMS content other than WP for the blog site.
Permalink settings(Custom Structure):
/index.php/%year%/%monthnum%/%day%/%postname%/
.htaccess file contents:
BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>
I spent ton of time trying many different approaches answered here or elsewhere but none of them fixed my issue.
This is what I did and it has fixed my issue.
Change permalink settings to remove index.php
Update/Save .htaccess content that's at the root of the WP installation if it's not allowed to be updated automatically when we change permalink settings in WP admin panel.
This is the important step since not many Q & A mentioned this in detail, other than wordpress documentation here. Specifically check AllowOverride settings and change it to All, Apache httpd.conf will not load the .htaccess contents without this change. Of course mod_rewrite must be enabled in the server if it's not already done. In our case it's enabled by default, so didn't have to mess with this step.
Also make sure FollowSymLinks option enabled as mentioned in the WP documentation.
Last but not least, make sure you restart the Apache service/server for the changes to take effect.
Entry in httpd.conf file:
<Directory "/var/www/html/blog">
Options FollowSymLinks
AllowOverride All
Assuming Ubuntu 16.04 & Apache2
1) Activate mod_rewrite. It's available but not enabled with a clean Apache 2 installation.
sudo a2enmod rewrite
2) Restart Apache
sudo systemctl restart apache2.service
3) Setup .htaccess
(Note: Apache reccomends using a server configuration file over inserting rules into .htaccess, however, for this example, inserting rules into .htaccess is sufficient because of the negligible performance hit.)
sudo nano /etc/apache2/sites-available/000-default.conf
Insert the following in 000-default.conf
<VirtualHost *:80>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
4) Restart Apache
Repeat step 2
5) Create .htaccess in the web root.
touch /var/www/html/.htaccess
Insert the following into .htaccess
RewriteEngine On
6 Configure the URL Rewrite (Note: Assuming index.php)
sudo nano /var/www/html/.htaccess
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
mod_rewrite is a useful Apache module that can be used effectively to ensure human-readable URLs and good SEO results. If you'd like to learn more about mod_rewrite, take a look at Apache's mod_rewrite Introduction and Apache's official documentation for mod_rewrite.
In a nutshell, as #Cnu as mentionned, the problem very few resources on the internet touch on is the fact that your apache configuration must contain an AllowOverride FileInfo directive for wordpress rewrites to work without /index.php/.
Since Apache 2.4, AllowOverride default setting is "None", which is often a roadblock in making "pretty urls" work (in this case ditching the index.php). As #cnu mentionned, you should read carefully this resource : https://wordpress.org/support/article/using-permalinks/.
Make sure to have mod_rewrite enabled
-> (to be sure create an info.php you will remove later containing the line <?php phpinfo();?>) at the root of your blog and call https://domainofyourb.log/info.php)
Make sure your .htaccess is writable by wordpress. (permission and ownership should be allowing your webserver (often with the username "apache") to edit the file.
Change your wordpress permalinks settings, and check that .htaccess file is correctly written.
Check that your apache configuration (etc/httpd/conf/httpd.conf in some linux distros) contains the directive AllowOverride FileInfo within your blog's <Directory></Directory> section
Options directive to FollowSymLinks should be the default, but if Options directive is mentionned, add FollowSymLinks for good measure.
when all that is done, don't forget to restart your Apache server. (sudo service httpd restart in my case, ymmv).
P.S : wrote this answer because I can't comment (don't have rep) on cnu's answer, and wanted to correct 1. allowoverride doesn't need to be set to ALL, it can be set to simply "FileInfo", 2. update the link to wordpress doc, and 3. provide background on the change in apache 2.4 that causes this issue.
Go to admin page, Dashboard -> Settings -> Permalink Settings -> Custom Structure, select /%postname%/ or, /%year%/%monthnum%/%day%/%postname%/ up to you.
I have the following setup. An Elastic Beanstalk Environment with a Load balancer. The web application, installed in the root, is using CodeIgniter. Wordpress is installed in the subdirectory /blog off the root. The CodeIgniter application requires https, but wordpress needs to be http. The load balancer is configured to listen on https and http, the instances behind the load balancer are http.
My first configuration to manage this is a .ebextensions file in the root. This file is deployed with the application to set a .conf to redirect all http traffic to https EXCEPT /blog. That file looks like this
files:
"/etc/httpd/conf.d/ssl_rewrite.conf":
mode: "000644"
owner: root
group: root
content: |
RewriteEngine On
<If "-n '%{HTTP:X-Forwarded-Proto}' && %{HTTP:X-Forwarded-Proto} != 'https'">
RewriteCond %{REQUEST_URI} !^/blog/
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</If>
The next step in the configuration is an .htaccess file in the root. This controls the CI requests. It looks like this:
<FilesMatch "\.(ttf|otf|eot|woff|woff2|svg)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
RewriteEngine on
RewriteBase /
RewriteCond $1 !^(index\.php|uploads|blog|assets|robots\.txt)
RewriteRule ^(.*)$ /index.php/$1 [L]
Options -Indexes
Finally in the /blog directory containing Wordpress I have this .htaccess
RewriteEngine On
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
The CI app works fine, and http requests are sent to https correctly. The /blog root directory itself (i.e. the 'home page' such as http://example.com/blog) also works fine. Even the /blog/subdirectories such as http://example.com/blog/wp-admin/options-general.php work fine. What does not work are permalinks such as http://example.com/blog/my-article (presumably because they are not real files). If I change the permalinks setting to remove the permalinks and allow post urls to look like this http://example.com/blog/?p=123 that also works. Only permalinks do not work.
An additional problem (which should be obvious) is that if anyone tries to access the blog with https directly, they will get a mixed content warning and broken links. So I also need to redirect https://example.com/blog/* back to http.
I am sure this setup is over complicated, and I could remove both .htaccess files and place all my settings in the .ebextensions config file however I am not sure how to do that. I have been piecing together several solutions such as this and this for days and each solution creates another problem.
For anyone going to suggest that Wordpress should be https as well, I am not opposed to that, however I have been down that road for over a week with no good solution that allows me to maintain non-ssl test and development environments that will deploy to AWS properly without messy plugins, files that change in production which I cannot easily port back to test and dev, and host of other https/wordpress problems. The simplest solution seems to be running Wordpress http. I'm also open to another CMS to replace Wordpress. Bottom line is I just want a blog to live under CI on AWS, in https/http, play nice together, and deploy easily.
It should also be noted that in dev and test, everything works fine. The only significant difference between dev and test is the .ebextensions file and the https redirect.
Any help is appreciated.
Take a look on this video:
AWS solution
you need to use the correct header so that does not happend, especially if your load balancer is not using secure connections between the instance and the load balancer
Have changed to a new server and have migrated a number of Wordpress sites. After migration, I found that the menu links were no longer working. The content is there however.
I deleted the htaccess file and changed the permalinks to the default setting 'plain'. That worked fine. However, now my website is working with menu links like domain.com/?page_id=29.
On the old server, I have always been using the format domain.com/post_name. So I deleted the htaccess file again and changed the permalink to post_name, but clicking on the link in the menu always gives me a 404 error. Checked a phpinfo() and mod_rewrite is enabled.
The htaccess file right now is:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
How to get back working menu links when permalinks are set to postname?
On Linux, in order to relax access to the document root, you should edit the following file: /etc/httpd/conf/httpd.conf
In case you are on Ubuntu, edit the file /etc/apache2/apache2.conf (here we have an example of /var/www)
And depending on what directory level you want to relax access to, you have to change the directive
AllowOverride None
to
AllowOverride All
So, assuming you want to allow access to files on the /var/www/html directory, you should change the following lines from:
<Directory "/var/www/html">
AllowOverride None
</Directory>
to
<Directory "/var/www/html">
AllowOverride All
</Directory>
Reference Docs for you:
https://codex.wordpress.org/Using_Permalinks
I take it when you say the menu lnks stopped working again you mean to say that the link changes fine to the new permalink format of http://domain/post_name right?
If so you're issue lies in mod_redirect. Either in the .htaccess in the docroot (turning it on and having correct redirect rules) or it could in your apache web server config file. perhaps apache doesn't even have mod_redirect enabled. if it's a CPANEL server mod_redirect is likely to be enabled however.
Issue can be the path of the files as well. Do you migrate the account with same username and same path as of the old server ?
If path is different than the old server, take a mysql dump of the db, look for the path and change them to the correct new path.
If paths are same, then you could fix this issue by just resetting the permalinks i.e first change the permalinks to some other one than the current one and save and then immediately change back to old one which was in use earlier and then again save it. This have worked for me in past.
I copied a live woocommerce site back to the dev server. The live site uses https. So when I tried accessing it on the dev server, it redirected me to the live site. I figured the issue was the .htaccess file. I tried editing it, but the file is encrypted. So I just removed it all together. That stopped the redirecting, and I was able to access the front-end of the dev site. However when I try to access the wp-admin or wp-login.php I get a 404. I also noticed that the broswer changed from http to https. So there's something still trying to make the website run under https.
What I've tried:
I deactivated woocommerce plugin (by renaming it) but that didn't
help.
I also searched in the database for instances of https:// but I
could not find any that related to the website.
I also found and removed a cert.html file in the root which I think
it's related to the https certification, but I still can't access
the backend.
And last, I tried to add a new .htaccess file with the basic
wordpress permalinks in it, but that just gave 500 server errors.
Can anyone give some pointers where to look? Or what could be causing the browser to use https, instead of http.
It looks like you need to change your site URL to point to the right place. Since you can't log in (it'll redirect you to the wrong site URL), you need to change this in your wp-config.php file (see this link for more info):
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
After that, and hopefully with the default wordpress rules, you should be able to log in to the admin pages.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
The above assumes that your wordpress site is at /.
I have a wordpress install with the following htaccess:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_URI} !^/secure-area/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
and a directory /public_html/secure-area/ which has been protected using cPanel.
If I turn off prettylinks in Wordpress, I can access the directory normally, but otherwise, I am redirected to the WP 404 page.
I can access a directory that is not password protected without any problems.
I'm asking here because this is an htaccess problem, not just wordpress specific, and the answers I've seen over here seem better qualified.
Many thanks, Tim
Similar questions which don't address password protected directories:
https://wordpress.stackexchange.com/questions/7181/wordpress-overriding-actual-subdirectories
https://wordpress.stackexchange.com/questions/20152/cannot-access-non-wordpress-subdirectories-as-wordpress-overrides-them-with-a-404
Can't access my folder because of WordPress
I was having the same problem and this worked for me: http://support.aiso.net/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=246
Just switch the 401 Error Document line to read:
ErrorDocument 401 default
The 404 is from not having "401" Error document - one is specified by default with cpanel but not usually not set up by the host. I created a blank document and added this to my .htaccess:
ErrorDocument 401 /empty.html
I did this to protect my wp-admin folder from future/unknown Wordpress exploits after someone defaced my site.
I had this same problem under cPanel. In my case it was due to the "~/.htpasswds/public_html/secure-dir/passwd" file/directory not having the correct permissions. I called the hosting company and they chown'd the file with the correct permissions and it worked.
It really had me stumped in that it looked like the directory protection was working b/c it was popping up the AUTH window. But when Apache went to verify the passwd it would choke and serve the WP standard 404 page.
I'm still interested in solving this, because I'd like a portable solution, but my workaround is that I've removed password protection and restricted access to my own IP address.
I added an htaccess file in the /secure-area/ directory with the following code from Perishable Press - Studpid htaccess tricks:
# deny all except those indicated here
<Limit GET POST PUT>
order deny,allow
deny from all
allow from x.x.x.x
allow from .*domain\.com.*
</Limit>
I've got a few scripts i run in there, so i also add:
# enable directory browsing
Options All +Indexes
for ease of use, given that it (should be) a secure directory.
I'm interested in hearing whterh this is a silly, insecure way of going about things :) Ta
ErrorDocument 401 default
Add this as the first line in htaccess. Worked for my wordpress site which kept redirecting to 404 page.