Forbidden .htaccess after modification

  • Resolved youglowgal

    (@youglowgal)


    9 years, 1 month ago

    I’ve add the following code to .htaccess about 3 times:

    <Files ~ “xmlrpc.php”>
    Order allow,deny
    Allow from all
    </Files>

    Jetpack runs fine but every time I try to use the WordPress app I receive Forbidden 403 errors. My Host says it’s likely a plugin rewriting .htaccess since the code is disappearing. I’m assuming W3 Total Cache is doing this but I have no clue how to fix without breaking something.

    Help is appreciated.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator t-p

    (@t-p)

    I’m assuming W3 Total Cache is doing this but I have no clue how to fix without breaking something.

    To rule out any theme/plugin specific issue, try:
    – deactivating ALL (yes all) plugins temporarily to see if this resolves the problem (plugin functions can interfere). If this works, re-activate them individually (one-by-one) to find the problematic plugin(s).
    – If you can’t get into your admin dashboard, try resetting the plugins folder by FTP. Sometimes, an apparently inactive plugin can still cause problems. Also remember to deactivate any plugins in the mu-plugins folder (if you have created such folder). The easiest way is to rename that folder to mu-plugins-old.
    – switching to the unedited default Theme (Twenty Sixteen, etc.) for a moment using the WP dashboard to rule out any theme-specific issue (theme functions can interfere like plugins). If you don’t have access to your admin area, use FTP , or your web-host’s cPanel or whatever file management application your host provides (no Dashboard access required). Navigate to /wp-content/themes/ and switch to the default theme by renaming your current theme’s folder by adding “-old” to the end of the folder name. Alternately, you can remove other themes except the default theme. That will force your site to use it.

    Perhaps you need to allow for your own IP. See this article: https://www.wpbeginner.com/plugins/how-to-disable-xml-rpc-in-wordpress/ …including the comments

    # Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
allow from 123.123.123.123
</Files>

    It’s worth noting, that “allow from 123.123.123.123” is optional, and if used should be updated to include your IP, or the IP of the device that needs access to xmlrpc.php (it would be good to cite examples in this article).

    Thread Starter youglowgal

    (@youglowgal)

    Thanks for the suggestions. When I look at .htaccess I can see both Yoast and W3 rewrite to the file. I’ve reached out to Yoast first to find a solution, then I’ll follow up with W3.

    I haven’t been able to try allowing my own IP, when I use a service to find it I get 2605:6001:e248:2f00:a88c:7689:fa1:e30d, and I know that’s not going to work. I had the same issue a while back when I was working with Go Daddy tech support and the guy gave up. The b.f. set up the modems and hasn’t be able to help me solve that issue.

    Go to google and type in “whats my ip”. It will show the IP for your computer which is the primary one you should allow access.

    Thread Starter youglowgal

    (@youglowgal)

    Got it, but the WordPress app still isn’t working. Jetpack will continue to run even after the .htaccess file has been rewritten, app gives me a 403.

    About to say F it and never use the app.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Forbidden .htaccess after modification’ is closed to new replies.