Use as featured image link not working

Hi AITpro, I have the featured image upload problem (as in it won’t work) running Neutica+ on top of Thematic with BPS. You write:

So far it appears the a simple solution would just be to add an htaccess skip rule for just the media.php file, which would just skip all the BPS filters if the media.php file is called.

… except for .htaccess newbies like me it’s not so simple ??

Could I trouble you for some quick instructions? Thanks in advance.

Hi,
The media.php skip thing was a mistake – i was tired at the time. So disregard that entirely. Now BPS may interfere with displaying images – one problem in that past was with timthumb, but a permanent fix has been included in BPS .45.8 for that. BPS should not interfere with image uploading whatsoever so I don’t think it’s BPS. To rule BPS out completely activate Default Mode for your Root folder and then see what happens. Default Mode is a basic generic WordPress .htaccess file. Image upload problems are commonly connectivity problems or corrupted cache problems. So clear your browser cache, clear your caching plugin cache and check your connection speed. Also it looks like this Theme works with IE, but just to be totally sure use FireFox to try an image upload. Since the Neutica+ child theme for Thematic is not free i am unable to take it for a test run. Thanks.

Thanks AITpro,
Just activated Default Mode as you suggested, and I still can’t assign a featured image. So guess BPS isn’t the cause. I’ll pop back here when I’ve found out what’s causing it.

BTW, I take it @crazywhistlepig saying:

Bulletproof security leaves behind the .htaccess file even after disabling/removing the plugin

isn’t the case when I’ve activated Default Mode.

Thanks again.

No prob. Yeah I didn’t think BPS was the problem on this one. BPS Default Mode is just activating a generic WordPress .htaccess file without any security filters, which only does a basic Rewrite and nothing else – no security and no filters. The filters are what can cause a conflict with a plugin.

The way BPS .45.8 works is that when you activate a particular mode, a master file is copied and renamed from the BPS master htaccess folder to whatever folder you are activating the mode for. It’s an overwrite deal. So whatever .htaccess file was there before is overwritten each time you activate a mode. Yep uninstalling or disabling BPS has no effect on the “active” .htaccess files. This is totally intentional because in Beta Testing we had both versions under testing. A complete uninstaller version and the version that survived beta testing to become BPS. What happened with the uninstaller version is 9 times out of 10 the test websites ended up being “down” mainly because no htaccess file existed at all any more, which equals 500 Errors. An htaccess file swap would be a very simple thing to code, but the problem is the variety of WordPress scenarios involved. So for now manually modifying the Root htaccess file using the built-in File Editor is the best way to ensure that a root htaccess file exists and is correct. Thanks.

Disabling other plugins makes no difference, and I was able to assign featured images previously, right up until I installed BPS.

Here’s something else a bit suspicious, making me reconsider .htaccess as the cause. I’ve been able to delete plugins before, but I’ve just tried now and I get this error for the very first time:

403 Permission Denied
You do not have permission for this request /wp-admin/plugins.php?

This is after activating BPS Default Mode and then deactivating BPS. So just downloaded the .htaccess for the website in question (at /public_html/thesite) and found that it is indeed “# BULLETPROOF .45.8 >>>>>>> DEFAULT .HTACCESS”.

So the evidence strongly suggests that BPS caused the problem, given nothing else has changed bar adding some new editors, but I can’t see how. Odder and odderer!

hmm i wonder if the wp-admin .htaccess file filters are causing a problem somehow with this Theme. I don’t think that is the issue. Is your WordPress installation in your Root folder or is WordPress intalled in a subfolder (ie /my-blog)? Try this. Delete the .htaccess file that is in your wp-admin folder. Activate default mode then go to the WordPress Settings Panel and update your Permalinks. You are using a custom permalink structure i assume? If not you should be. This will write to Your Current Root htaccess file. Now go back to BPS and take a look at the File Editor and look at Your Current Root htaccess file. You will see the .htaccess code that WordPress wrote to your active root .htaccess file. Now one thing that can block you from being able to delete plugins is if somehow the wp-admin .htaccess file has a “BEGIN WordPress….” Rewrite section of code in it. All that should be in that file is just the filters. Post the code that WordPress generates after you update your custom permalink structure. If you are not using a custom permalink structure then i recommend using either of these 2 below –
/%post_id%/%postname%/
or
/%year%/%postname%/

Also you didn’t mention that you had tried to restore your original backed up .htaccess files. So that would also be another way to see if they are different from what you see with the BPS master files ie the RewriteBase is different…
Thanks.

First, to answer your questions:

1. My WordPress instance runs at an add-on domain in a folder called public-html/mywordpressTLD. Not sure then whether one considers this to be the root or subfolder
2. I am indeed using a customer permalink structure, and simply reselected the same and saved

So, a BIG THANK YOU. I followed your instructions (the main instructions, not the restore backup option mentioned towards the end of your comment) and problem solved. I can now delete plugins and assign featured images.

FYI, the Your Current Root htaccess file does have a section as you describe. Specifically, the only part not commented out with hash / pound sign is:

Options -Indexes
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

AITpro, thanks again for your help. If I can help you in anyway ascertain what went wrong here, please get in touch (philipsheldrake.com) or we can continue here. And perhaps I won’t try implementing BPS again until we know what happened.

Ok your add-on domain is aliased to your primary domain account then for your primary web hosting account so it is a Root installation – ie SiteA and SiteB are 2 different unique sites under one hosting plan. Not to be confused with a domain alias where SiteA and SiteB are the same site, but have two different names. Now if you had WordPress installed in a subfolder of that aliased domain >>> public-html/mywordpressTLD/my-blog >>> it would then be a subfolder WordPress site. ??

So it appears that one or more of the filters in BPS are not playing nice with that particular Theme then. There were a couple of Themes that had conflicts at one point or another with BPS, but they have all been resolved. I will contact the Theme author and see if he / she is willing to release a copy of the Theme to me for testing purposes. Also i will make a note on my plugin / Theme testing and conflicts page that this is the only WordPress Theme that does not work with BPS – pending testing confirmation.

Just be aware that you website does not have any security protection at this point. If i were you i would at least try and add the SQL Injection filter manually. This is the most common attack method used. Out of well over 300,000 documented BPS hacking attempts about 270,000 of those are using SQL Injection hacking methods and are successfully blocked by the BPS SQL Injection filter.

RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]
RewriteRule ^(.*)$ - [F,L]

I have had the same problem. Just after installing BPS I can’t insert a featured image or delete plugins. I’m using a custom theme that I built myself.

I really love the plugin AIT and want to use it. Have you found a workaround yet?

Thanks!

Hi,
Have you set up your custom permalink structure yet? I would need more info in order to troubleshoot your particular issue further. Please post a comment on the AITpro site with your website URL so i can take a look at your source code. Thanks

I’ve got a similar problem, after selecting the Featured Image, instead of being able to see the image on the bottom right of the edit post page, all I see is -1 (minus one).

I can add featured images no problem to sub-sites thought, just not this parent site.

Hi,
For anyone who has image issues with BPS I need to know a few things to figure out what the problem is. If you are using an image Thumbnailer then info can be found on the AITpro site regarding that known issue. email me at edward[at]ait-pro[dot]com with:
1. Your website URL
2. Your Theme name just in case it is not obvious from viewing your site.
3. Folder where WordPress is installed in case it is not obvious from viewing your site.
4. Your custom permalink structure just in case.

Thanks,
Ed

Hi Ed,

I have am now experiencing this as well with installations that use the Featured Image function. Unfortunately, I’ve had to remove BPS for the time being to work around this and would be great to know if there is a way to keep BPS on all sites.

I’ll send you the web url by email in a moment.

Thanks!

I Changed:

RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]

To:

RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]

Which I only removed the select from the condition and it now works perfectly. yay!

EDIT: SOLVED !

I just removed the BulletProof htacces file.