[Plugin: AskApache Password Protect] What’s new in 8/14 version?

Just downloaded this tonight and tried it out. In the process of activating various things the plugin provides, I was sent to my custom 404 page. Now when I try to go to my wp-admin/index.php file, I am greeted with a drop-down box that says:

Authentication required

Enter username and password for “Protected By
AskApache” at https://(my web site)

I entered the username and password I setup in the plugin, and it didn’t work.

I deleted the .htaccess file from my wp-admin directory, and I still get the drop-down box.

So now, I am basically barred from my own WordPress site because of something left behind by this plugin. How do I de-activate it, when I can’t even get to my admin page??

Help!

Oh dear, a me-too post.
AAPP v461 on WP261:
ERROR: Failed to create /home/xxx/public_html/.htpasswda3

Hi sweyhrich,

I don’t think its a permissions problem. I think AA Pass Pro gets confused about where its reading and writing things. I end up with artifacts all over.

I’m not sure if it will help you but I posted a nasty hack that got me going (barely) at topic 196640. That allowed me to protect my Children’s Learning site with others to follow.

Don’t even try to use the pasword protection — it hasn’t worked since 4.3.5. You can use cpanel to do the same thing without the pain. But the rest of Ask Apache’s work is gold.

Steve

Guess what! I’ve made alot more improvements (this refactoring will never end) to the plugin.. Many are based on improvements to the WordPress Core Files, which I am constantly examining and learning from..

If you’ve seen the version 4.6 debugging options, you probably won’t believe the 4.7 debugging options. I spent the most time implementing even MORE debugging options so that in the future you can find problems much easier… even if you don’t know a thing about syslog, php error logging, etc.. Of course all that was done to try and figure out what was causing all of you posters problems.. and I think I am getting close to a 100% mysterious error free plugin! Which is the main goal and a huge step on the way to the ultimate goal of this plugin.

I am still working on the user/group management code, so that probably won’t be in the upcoming 4.7 release. But one thing I will tell you is the new version will have the best .htaccess anti-spam code for WP (maybe anything) ever seen on the net. (without using mod_security).. It’s not incredibly complex or lengthy, the rules are just very specific and very tight. I’m good at finding security vulnerabilities, this is the same thing only backwards.

I’ve been logging the entire HTTP request for every comment/trackback/pingback made to my blog for about 6 months (it took forever to find out how to log the entire request like this… I’m saying even the entire POST body.. just like having wireshark installed on the server!)

Then I would manually go through them about once a week (using a lot of linux shell scripting) and detail the subtle differences between spam and a real comment, and try different things.

So my blog kills thousands of would-be-spam connections every day to my blog (i actively try to recruit new spammers to study their technique), literally shuts down the TCP connection and wastes 0 bandwidth or CPU that a programming language like PHP used by akismet would waste (basically loading the whole wordpress program for each spam receieved)..

So I’m hesitant to publish this info, but then again, these spammers are so stupid that I’m not sure they can even read. What do you think?

Look for the update to come out sometime this month..

Maybe I’ll just become the worlds greatest spammer.. it’d take all of about an hour to accomplish that.. much easier than writing this plugin.

SPAMMER CHALLENGE: *come at me with your best* (but if you hack my server and get me in hot-water with my host I’m coming after you… spam/exploits only, no DOS or heavy net-use.)