Empty htaccess file

  • Resolved applejack1923

    (@applejack1923)


    3 years, 3 months ago

    This past week on 2 sites I have had an issue wehere all of a sudden the main htaccess file has been written as empty.

    I am trying to work out whether it is possible that iTheme Security plugin could be the cause or if this would be impossible for it to do so.

    Also if there is a way of manually triggerring iThemes Securty to write / update the htaccess file so I can test.

    Thanks

Viewing 4 replies - 1 through 4 (of 4 total)

  • Hi @applejack1923

    – First you need to make sure the iTSec plugin is allowed to write to the .htaccess file (if it’s not then something else must be causing the empty .htaccess file).

    Navigate to the Security > Settings menu option and then click on the Configure icon. This will take you to the Global Settings page. First setting is Write to Files and it’s usually enabled (by default).

    – Then you need to check whether the iTSec plugin is currently configured to write anything to the .htaccess file.

    Navigate to the Security > Settings menu option and then click on the Tools icon/link at the bottom of the page. Then click on the Server Config Rules entry. If no plugin setting is enabled, which is effectuated by writing rules to the .htaccess file, you’ll see the following message:

    There are no rules that need to be written.

    Otherwise you’ll get to see the rules written by the iTSec plugin to the .htaccess file.

    Typical settings that get effectuated by writing rules to the .htaccess file are eg: all System Tweaks settings. So enabling/disabling any of those settings will trigger the iTSec plugin to (re)write to the .htaccess file.

    The info above should help you rule out the iTSec plugin as the culprit.

    +++++ To prevent any confusion, I’m not iThemes +++++

    Thread Starter applejack1923

    (@applejack1923)

    Hi

    Thanks for the reply.

    If I switch off iThemes capability to write to htaccess and wp-config after it has done so initially then what implications does this have for security i.e. are banned IP’s stored in the database instead etc ?

    I did look at the documentation but couldn’t find any mention of this.

    Yes, banned IP’s are stored in the database. Where a request from a banned IP would normally be forbidden earlier, at the web server layer, without the plugin writing the ban rules to the .htaccess it’s now WordPress (the application layer) preventing access to banned IP’s.

    Ideally you want banning to happen on the web server layer, but when the ban rules are missing in the .htaccess the banned IPs stored in the database are used to ban IPs in WordPress. The iTSec plugin includes PHP code to handle this.

    Thread Starter applejack1923

    (@applejack1923)

    Hi

    That’s what I thought, thanks for confirming.

    • This reply was modified 3 years, 3 months ago by applejack1923.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Empty htaccess file’ is closed to new replies.