Better WP Security changes .htaccess causing "Internal Server Error"

Hi

Im having the same issue and I just realized it’s not just on the back end My sites are all down when this happens.

have you found a fix?

thanks

Yes. It brings whole site/software down.
htaccess causes “Internal Server Error”.

No-one has replied.
It’s only on a few sites with no obvious connection.
So removing the plugin.

Not sure WordPress & plugins can be risked on important sites, any longer.
Industries support appears to be dropping.

No captcha plugin being maintained.
Lots of others being abandoned.
Hackers constantly attacking it.

Question for you. When just prior to your sites going down did you enable the “Write to WordPress core files” option?

If so, then the issues should go away after 5 minutes or so (possibly sooner). From time to time when enabling this option on new or existing sites it tries to write a bunch of stuff all at once which temporarily overloads the server.

You can either wait it out, restart Apache or disable BWP (not recommended).

Thanks for the help.

On our side… no
“Write to WordPress core files” option not changed.

The problem is sudden and without changes/interaction, our end.
It appears to be the site reacting to an login/hacking attempt.
It has not happened since a couple of days ago (on 2 different sites)

Not using HackRepair.com’s blacklist may be a fix.
But it works on others, fine.

HI

thanks for the replies It happens on every site which has plugin installed I believe I had just about every option checked off!

It is sudden and may take 2 min or 2 hours but since it’s making all sites go down I had to disable/remove it!

it’s def. the .htaccess files the amount of info written though isn’t the issue, as if it were it would have brought the sites down fast and at times it may not happen for days????

I think I need to switch to a paid version of a security plugin as theses are my affiliate sites and that’s not good ??

Any recommendations would be appreciated!
It’s too bad as the plugin worked real well when I had 4 break in attempts in 2 days a few weeks back and it did a great job!

thanks!

It broke more sites today.

Turning off the ‘ban’ items, might stop it breaking sites.
Note: it breaks the site again, when turning them off!
(changes .htaccess causing a “Internal Server Error”)

But hopefully for the last time

Shame the plugin maker isn’t joining in, but cannot suggest others on their forum.

Mine did this once. For some reason extra non-printing characters got into the .htaccess file. The characters in mine were before the first line. They could not be deleted with my editor.

Instead, I copied the .htaccess file to another name. Created a new .htaccess file. Typed in the first line. Then copied the rest of the lines using cut and paste. Then it worked.

Not sure why it happened. I may have been better-wp-security on its own, it may have been that I had the .htaccess open in filezilla at the wrong time. If yours ends up being the same, please let the author know as a 1 issue like this may have just been me bumbling around.

HI

Thanks for the comments None of the above are resolving my situation ??

Plugin is doing this in all sites I install it on and it brings sites down Only way to fix error is to clean out folders from my host but that is super time consuming and a pain.

I disabled all for now and unfortunately I have to use a diff. plugin until issue is resolved.

@ London WP— I can clear out .htaccess files but it continues to happen over and over again and is too frequent, I could not even write a post…….

THanks I’ll be waiting for a fix even if it takes a long time ??

Hi,

I also get an internal server error and found that the line

“RewriteCond %{HTTP_USER_AGENT} ^\^Zeus 32297 Webster Pro V2\.9 Win32 [NC,OR]”

in my .htaccess is causing this. Can you guys see if you have the same problem (try to remove it)? I’ll report it to the plugin maker.

Hi all. As far as I know some features of the plugin may cause 500 internal server error, you may need to disable one or all these below:
– Menu > Security > Ban Users > Enable Default Banned List
– Menu > Security > Database Backup > Enable Scheduled Backups
– Menu > Security > Intrusion Detection > Enable File Change Detection

Internal server error can happen if your website try to use more memory than allowed by your server. Those features above have been reported using much memory. If memory really is the problem, you may try to ask your web host company to increase the max allowed memory.

Hi,

@ su1 my error is not win32……….
but is internal server error 500

@handoko I had considered that possibility!!
I had sched. backups off for sure as I use diff program, default banned list was off on some sites which still went down…..I’m not sure about file change detection but will try that on one site with all 3 disabled and will report back! thanks

PS…if any other settings you think should be disabled please advise ASAP so I can test!

thanks!
Will try soon! ??

Hi,

ok i made those 3 changes on 1 site, then plugin needed update, got failure page, cleared out .htaccess like 2-3x and cleared cache, worked on site for about an hour and so far so good…..

if that fixes it id be thrilled ??

What I think would be a great idea if someone happens to have this saved on wouldn’t mind copy/pasting….is a copy or Doc. with —> what they think are best settings, as to help those of us having multiple errors etc…..I know it would be a TON to paste in here but it would be really helpful to a lot of people I’m sure…and I would do this myself except that my settings are not all set up and I have been having so many issues I’d hate to have someone else’s site go down ??

My 500 errors happen over various time periods so I will check back in next 24 hrs

Thanks to all of you!
??

Enable Banned Users
IT IS THE banned users feature
‘Ban Hosts’ bit

AND IF YOU UNCHECK THE BOX, IT IS FINE BUT…
THE PLUGIN RE-CHECKS (enables) IT!
breaking the site again!

EG BELOW

# BEGIN Better WP Security
Order Allow,Deny
Deny from env=DenyAccess
Allow from all
SetEnvIF REMOTE_ADDR “^95\.62\.197\.135$” DenyAccess
SetEnvIF X-FORWARDED-FOR “^95\.62\.197\.135$” DenyAccess
SetEnvIF X-CLUSTER-CLIENT-IP “^95\.62\.197\.135$” DenyAccess
# END Better WP Security

See this post from Handoko few days back:
These 3 things – do them all!!

Hi all. As far as I know some features of the plugin may cause 500 internal server error, you may need to disable one or all these below:

– Menu > Security > Ban Users > Enable Default Banned List
– Menu > Security > Database Backup > Enable Scheduled Backups
– Menu > Security > Intrusion Detection > Enable File Change Detection

Internal server error can happen if your website try to use more memory than allowed by your server. Those features above have been reported using much memory. If memory really is the problem, you may try to ask your web host company to increase the max allowed memory.

??

Oh if I pasted the code it was writing to my file in here forget it, like a mile long!! ??