403 forbidden error

Maybe your host does not allow you to lock your root htaccess file with 404 file permissions on your server. Do these steps:
1. Go to the htaccess File Editor tab page.
2. Click the Turn Off AutoLock button.
3. Go to the Security Modes page, click the Create secure.htaccess File AutoMagic button and activate Root folder BulletProof Mode.

Yes, this seems to solve the problem. Thanks a lot.

Nevertheless, all my other WP multisite installations are running on the same hosted server with BPS AutLock turned ON without any problem. And I have with this very particular WP site where the 403 error occurred some other issues, e.g. updating Jetpack deinstalls the old version, installs the new one but doesn’t reactivate the plugin again as it should.

I guess this has something to do with a custom WP Rewrite Loop End code I need to use on this particular installation. Otherwise I get an internal 505 error when I try to access the backend of any subsite.

This custom code differs from the one that WP offers during multisite installation in the network settings. It’s:

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

instead of:

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) mySite.de/wordpress/$2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ mySite.de/wordpress/$2 [L]
RewriteRule . index.php [L]

And it’s NOT a WP installation in its one directory. It’s on root level (the domain points directly to the /wordpress/ bin).

Maybe I have to dig a bit deeper into that…

BPS is borrowing/using the exact WordPress code to create htaccess code/files for Network/Multisite htaccess files/code. So the same exact htaccess code will be created by BPS that WordPress creates for Network/Multisite sites. WordPress used to have a disclaimer posted somewhere that stated that different or customized Network/Multisite htaccess code might be required for unusual Network/Multisite setups or unusual site structure/architecture.

We have a test site that has a very unusual/non-standard Network/Multisite structure/architecture that does require customized .htaccess code. That test site is a sudirectory installation of Network/Multisite installed in a subdomain and is physically installed as a subdirectory site for another root domain site. We created this test site to intentionally try to break WordPress htaccess code and it does break that code and does require custom root .htaccess code in order for the site to work correctly.

So since the standard WordPress Rewrite code is not working for this site right out of the box then that means you have an unusual Network/Multisite setup and will need to create a custom .htaccess solution.

Wanted to mention this also. So the test site that we created to intentionally try to break the WP htaccess code creation has a final URL/structure of this: subdomain.example.com and if this site was setup using the optimum Network/Multisite choices that are already available then the best installation type would be a subdomain Network/Multisite installation installed in a root folder. The point is this: since we were intentionally trying to break the WP htaccess creation code we intentionally installed things “wrong”/not using the best choice of installation method/type, which required creating custom htaccess rewriting code. So if the site was installed using the “correct”/best choice of installation method/type then everything would work fine without having to create custom htaccess rewriting code. So you may want to think about the possibility of maybe your choice of installation method is not an optimum choice and the site should be reinstalled using one of the optimum Network/Multisite site types and methods/choices.

BPS Custom Code has a special additional Custom Code text box for Network/Multisite sites for exactly this reason/scenario/possibility so that you can save your customized htaccess Rewrite code permanently.

Note: the code below is example code and is not the code you may need for your particular website. This example code is only for showing what the top and bottom sections of the WordPress Rewrite code look like generally.

This Custom Code text box: CUSTOM CODE WP REWRITE LOOP START: www/non-www http/https Rewrite code here
Is where you would add the top section of your WordPress Rewrite code.

# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

This special additional Custom Code text box: CUSTOM CODE WP REWRITE LOOP END: Add WP Rewrite Loop End code here
Is where you would add the bottom section of your WordPress Rewrite Code.

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) example.com/wordpress/$2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ example.com/wordpress/$2 [L]
RewriteRule . index.php [L]
# WP REWRITE LOOP END

One last important bit of information about site architecture/structure and htaccess files in a parent/child environment/relationship is this: htaccess files are hierchical/recursive so a parent site htaccess file (root folder) will affect a child site (subfolder). In order to not have that happen or to compartmentalize htaccess file rules/files you would use the methods in this forum topic: https://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/

Thanks again for all this additional information!

Yes, I ve been quite aware of the possible problems with unusual WP mulitiste installation schemes. Actually, I first tried a multisite installation in its own sub directory. But changed my mind exactly because of such problems with BPS – or let’s say: because of the need of special .htaccess knowledge – and did a clean reinstall at root level…

Nevertheless, something got obviously wrong. That’s why I ve been using the custom code text box of BPS already.

It seems that there are still some inconsistencies in my installation. Probably because of the fact, that – as I remember – I once switched the main site for a subsite and revoked it later. That means: I made a subsite to the main site and vice versa and corrected it back later. This, of course, is a little bit beyond the usual WP multisite installation procedure… I wonder if this might have changed some file permissions…?

Anyway, as I said: It works finally due to the AutoLock trick. Thanks!

My knowledge and expertise with Network/Multisite is very limited since my experience is all based on using Network/Multisite from a testing standpoint with the BPS plugin. I do not actually have any Live Production Network/Multisite sites and only have Dev Network sites for testing, bashing, thrashing and trashing purposes. ?? So anyway I would not really be able to offer any “deep” help with a Network site beyond how it relates to BPS.