My all wordpress pages suddenly start to show a 404 error which can be fixed by going to settings->permalinks and saving to re-create the htaccess files. However, within minuets the admin area is inaccessible giving a "too many redirects" issue. The only way to access the admin area is to delete the .htaccess file via ftp. This was not happening until I have set password protected directory.
In your main .htaccess file for WordPress add at the top the following code to fix the redirect loop error:
ErrorDocument 401 default
In your admin .htaccess file for WordPress add the following code to ensure that front end Ajax continues to work:
<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
</Files>
Related
A previous developer created an entry into the htaccess of a worpress site in a few areas.
In the root directory
In the directory that contains wp-content etc.
That rule is as follows:
# RewriteCond %{REQUEST_URI} -f
# RewriteRule ^(.+)\.pdf$ download-protect.php?file=%{REQUEST_URI} [L,NC,QSA]
# disable directory browsing in WordPress
As you can see they are both commented out, but the PDF is still redirected. So a few questions:
Which directory .htaccess would this be best applied to?
Why would PDF's still be redirected if this is commented out? No other trace of that rule anywhere else.
Could it be W3 total cache?
Some context is I need to fix this as it's going to http as opposed to https and the file itself basically says if logged in continue to PDF if not show "must be logged in" message.
https://bvfoods.com/new/wp-content/uploads/2018/06/90029-BV-WG-Cinnamon-Crumble-2.9-oz.pdf
Redirects to
http://bvfoods.com/new/download-protect.php?thisFile=2018/06/90029-BV-WG-Cinnamon-Crumble-2.9-oz.pdf
which if logged in redirects back to the original PDF and if not it displays the must be logged in screen.
I have checked many wp sites recently and they allow to access the file from the include folder and they show error message on it
Path is
wp-includes/customize/class-wp-customize-background-position-control.php
Error message
Fatal error: Class 'WP_Customize_Control' not found in /home4/pcc/public_html/project/autosite/wp-includes/customize/class-wp-customize-background-position-control.php on line 1
Ideally it should not be accessible directly
I have used this in my htaccess but still same error
Options All -Indexes
Also they are crawling in google.
The de-index job will not work because it's a well-known file in all WordPress installation and Options -Indexes did not prevent users to access this.
Place a .htaccess file in wp-includes folder with below content. It's will return 403 status code when someone try to access .php file in wp-includes folder and its subfolders.
<Files *.php>
deny from all
</Files>
Here is my folder directory
wordpress
project
html
index.html (html page)
wp-admin
wp-content
wp-includes
etc...
What I want if someone want to access the main directory folder i.e. project folder for example ( domain.com/project ) it redirect to wordress 404.php .htaccess
To ensure the server finds your 404 page, add the following line to your .htaccess file:
Deny from all
ErrorDocument 404 /page-404.html
Check the docs on Codex: Creating an Error 404 Page
Maybe help plugin:
http://wordpress.org/extend/plugins/private-files/
You need to create an .htaccess file in the directory you want to restrict. Then you will deny access to your directory and redirect redirect all "403 forbidden" request to a 404 page adding this lines to the .htaccess file:
Deny from all
ErrorDocument 403 /404
This are the only lines you need to include in this file.
I am trying to password protect the wp-login.php file in Wordpress but getting errors.
This is the code that I am adding to the main .htaccess file (obviously the path to the passwd file is correct).
# Protect wp-login
<Files wp-login.php>
AuthUserFile "/path/to/my/passwd"
AuthName "Private access"
AuthType Basic
require valid-user
</Files>
All works well if Permalinks are off. If I switch off Wordpress Permalinks, then when accessing site.com/wp-login.php redirects in infinite loop and request goes in timeout with the page never displaying.
If I switch on the Permalinks, Worpress adds the directives just after the above block of code that I have posted.
What can be causing this and how can I get this security measure to work along side permalinks?
ErrorDocument 401 default
as explained here this was missing from the .htaccess file
While accessing my WordPress website, I got directory listing error. I can access the site using http://example.com/index.php but not when I use http://example.com. I also tried put the .htaccess file in the directory. I had following code in my .htaccess file.
#BEGIN WordPress
#END WordPress
DirectoryIndex index.php
I solved it... If any want to change your site path not having access to control panel in your db go to the wp-options table change your site url link to http://www.example.com to the http://www.example.com/index.php