admin dashboard: failed to load resource for certain pages

If you have access to your Dashboard’s Plugins page, try deactivating all plugins. If you don’t have access to that, try manually resetting your plugins (no Dashboard access required). If that resolves the issue, reactivate each one individually until you find the cause.

If that does not resolve the issue, try switching to the Twenty Seventeen theme to rule-out a theme-specific issue (theme functions can interfere like plugins). If you don’t have access to your Dashboard’s Appearance page, access your server via SFTP or FTP, or a file manager in your hosting account’s control panel, navigate to /wp-content/themes/ and rename the directory of your currently active theme. This will force the default theme to activate and hopefully rule-out a theme-specific issue.

Hi James,

Thanks for the quick response.

I have tried both options but still having same issue. First I renamed by theme folder and then I disabled all plugins but still when I click on “Save Changes” button on “Settings -> Permalinks” it’s giving me 403.

Anything else I should try?

Regards,
Numan Ilyas

It’s possible that a .htaccess rule could be the source of the problem. To check for this, access your server via SFTP or FTP, or a file manager in your hosting account’s control panel, and rename the .htaccess file. If you can’t find a .htaccess file, make sure that you have set your SFTP or FTP client to view invisible files.

If you weren’t able to resolve the issue by either resetting your plugins and theme or renaming your .htaccess file, we may be able to help, but we’ll need a more detailed error message. These are usually described in more detail in the server error log. If you have access to your server error log, generate the error again, note the date and time, then immediately check your server error log for any errors that occurred during that specific time period. If you don’t have access to your server error log, ask your hosting provider to look for you.

Thanks James. Unfortunately my hosting account didn’t had logs enabled. Once I get the logs I will share the error message.

Regards,
Numan Ilyas

So I finally was able to setup php5.ini on my godaddy account and phpinfo also shows logging is setup properly but nothing is getting logged in the error log file.

screenshot of config: https://www.dropbox.com/s/5gt4rnxeecpkbsn/php%20config.png?dl=0

Please review this screenshot. Do you think it has to do something with my hosting account?
error screenshot: https://www.dropbox.com/s/ikx6fewvpnwikdz/error%20screenshot.png?dl=0

• This reply was modified 7 years, 4 months ago by numanilyas121.

I am able to find the issue. At some point we installed bullet proof security plugin for WP admin. That plugin created .htaccess inside wp-admin directory. Within that .htaccess we have following line:
RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]

This line is causing all those forbidden errors.

I don’t see this plugin in the plugin list which means it was uninstalled but uninstallation didn’t removed the .htaccess.

Thanks James for looking into this.

The BPS plugin has 2 different Uninstall Options: https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting

Uninstall Options
1. An Uninstall Options link is located on the WordPress Plugins page under the BulletProof Security plugin.
2. Clicking the Uninstall Options link loads a jQuery UI Dialog Form with 2 BPS plugin uninstall options.
3. If you are upgrading to BPS Pro, select the BPS Pro Upgrade Uninstall option and click the Save Option button or just click the Close button below and do a normal plugin uninstall.
4. If you want to completely delete the BPS plugin, all files, Custom Code and BPS database settings, select the Complete BPS Plugin Uninstall option and click the Save Option button.

Note: If you manually delete the /bulletproof-security/ plugin folder then BPS plugin DB option settings will still be in your WordPress Database and BPS htaccess files will still be present. To fix that problem, reinstall the BPS plugin and choose the Complete BPS Plugin Uninstall option and then uninstall the BPS plugin.

Additional Notes/BPS plugin troubleshooting:

The BPS plugin has built-in troubleshooting capability and should not be deactivated for troubleshooting. Deactivating BPS removes the built-in troubleshooting tools/capabilities. You can turn all BPS security features On or Off for troubleshooting to isolate exactly which BPS security feature is causing an issue/problem or to confirm or eliminate BPS as the cause of an issue/problem.

Note: After doing each troubleshooting step, test whatever is not working to see if it is now working. It could also be possible that 2 things are causing a problem. Example scenario: Doing step 1 and step 2 allow whatever was not working to start working. That would mean both the root .htaccess file and the wp-admin .htaccess file are blocking something legitimate.

• This reply was modified 7 years, 4 months ago by AITpro.