朱家兩大兩小在美國的生活 The Chus from the East

«
»

WordPress 2, .htaccess Protected Directory, and 404 Error

English科技/電腦
朱朱在 2006/3/17 星期五 17:01:33 EST 發表

Note: I found an even better solution. Please see my comment below.

Ever since upgrading this blog from WordPress 1.5 to 2.0, files inside a password protected directory no longer works. Any attempt to load file in the directory will be redirected to WordPress and get a 404 error. After some research and debugging, I find the rewrite section WordPress put in my main .htaccess file is causing the problem. The rules reads like this:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

What it does is check to see if the requested filename is a regular file or a real directory. If it’s neither of the two then redirect to /index.php, which is WordPress entry.

Supposedly, any existing directory or file in it will fail the test. So Apache will load the file/directory instead of WordPress index.php. However, the fact that the requested directory is password protected with its own per-directory .htaccess file seems to cause Apache to think it’s not really a directory/file, thus satisfying the 2 tests and invoke WordPress index.php.

I tried to change my main .htaccess file to fix that. But couldn’t. And I am not alone. I find many people with similar problem in WordPress support forum. For example: WP 2.0 – htaccess overly aggressive? 404’s galore

Now I finally deviced a fix to it and it’s to change the index.php file WordPress is using. Since my WordPress install is inside a subdirectory in my web root, I have a copy of the index.php in my root directory while loads WordPress files from the subdirectory. So changing it is fine for updating WordPress won’t overwrite it.

Here’s the fix:
<?php
/* Short and sweet */
$request_filename = $_SERVER['DOCUMENT_ROOT'].$_SERVER['REQUEST_URI'];
$this_dir = dirname(__FILE__).'/';
if($request_filename!=$this_dir && $request_filename!=__FILE__ && (is_file($request_filename) || is_dir($request_filename))) {
  // we are not supposed be here!
  die;
}
// load WordPress in /wp
define('WP_USE_THEMES', true);
require('./wp/wp-blog-header.php');
?>

What it does is first make sure the request is not for the home directory or index.php itself. We want WordPress to handle these, right?

Then it tests if the request is a regular file or a real directory. And die if that’s the case. Basically we are doing what the two RewriteCond lines in .htaccess supposed to do. Magically, this works!

Now, my password protected directory correctly asks for password instead of showing WordPress 404 error page. All WordPress permalinks work. All non-protected directories work. Direct URLs to my Gallery2 work. It all works. That’s a rare thing to say about anything I did. Really! Just ask my wife about the house… Err, wait. No, don’t do that.

I don’t know if this would work with other setup, like WordPress is installed right in the web root. But I guess it should. So if you have the same problem, give it a try and let me know if it helps. Good luck.

31 則留言回應 »
RSS feed/Trackback URI

“WordPress 2, .htaccess Protected Directory, and 404 Error” has 31 comments.

  1. Solution for Password Protected Directories and WordPress – WordPress SEO and Blog Marketing - 發表於2007/6/13 星期三 02:46:15 EDT。
  2. WordPress admin password protection 404 - 發表於2010/2/24 星期三 02:07:27 EST。
  1. 朱朱
    2006/3/17 星期五 18:47:50 EST 回覆

    Found a even better solution at Textpattern:

    http://textpattern.com/faq/173/password-protected-directories-with-htaccess

    Basically, the problems is partly caused by incomplete error document set up. Specifying error documents in .htaccess file fixed my problem. But the hack in the original post might still be of use in other situations.

    So scrap the above exercise. Or just pick your poison.

  2. Billy
    2006/9/28 星期四 15:13:19 EDT 回覆

    Thank you!!! I’ve spent hours trying to figure out what was wrong!

  3. 朱朱
    2006/9/28 星期四 15:32:42 EDT 回覆

    No problem. Glad to be of help.

  4. Patricia
    2006/11/10 星期五 17:25:04 EST 回覆

    Thank you!!!! I was having the exact same problem with one of my blogs and your solution worked right away. Much obliged!

  5. Nathan Logan
    2007/4/11 星期三 16:53:57 EDT 回覆

    Hey, just wanted to say thanks for this solution. Even though I’m using Textpattern, the linked solution didn’t work out for me. So after battling with (and losing to) .htaccess, I implemented something like you have here.

    Thanks for the pointer!

  6. 朱朱
    2007/4/11 星期三 17:31:30 EDT 回覆

    Nathan. You are welcome and glad that it works for you. Have fun!

  7. jayne d'Arcy
    2007/6/10 星期日 04:03:17 EDT 回覆

    I was losing my hair over this maddening problem. I tried something similar to the textbook solution, but that didn’t work for me. My blog is in the root, so if that has something to do with it… I don’t know. I’m far from any sort of expert. However, I implemented your index.php modification just a few minutes ago and now my test subdirectory password protect is working. It also looks like the blog is continuing to work fine, with the pretty permalinks. I’ll give it a few more days and come back if anything goes wonky. Thanks, though, for this fix.

  8. 朱朱
    2007/6/10 星期日 09:41:55 EDT 回覆

    Jayne. I am glad the tricks work for you.

    PS. I thought your comment was a spam at first when I read something about hair loss. :)

  9. Dave
    2007/8/9 星期四 01:30:34 EDT 回覆

    Hrmm…I’ve tried doing the index.php mod that you suggested and it breaks my WP index.php. All other sections of WP work fine, but index.php loads empty. If I do this, my protected directory then works properly (but, I’m more concerned with the index.php loading than I am a protected directory – obviously!).

    I’m at a loss…if I switch back (which I have done), I regain functionality of WP, but I lose pw-protected doc to the 404 error.

    *sigh*

  10. 朱朱
    2007/8/9 星期四 01:34:47 EDT 回覆

    Dave. Have you tried the HTML error document fix in the first comment?

  11. Dave
    2007/8/9 星期四 02:16:20 EDT 回覆

    I tried a bunch of variations…I was so close, but forgot to fix my error paths back so it was not reading properly. Just got it fixed now – many thanks!

  12. Chester
    2007/12/28 星期五 18:27:20 EST 回覆

    With WP installed in my root, I could not get the simple Error redirect fix to work. I had to use your index.php fix for this to be resolved properly.

  13. 朱朱
    2007/12/28 星期五 20:22:58 EST 回覆

    That’s cool. I knew my ugly hack has to be useful somehow. :)

  14. ismael
    2008/2/29 星期五 10:33:45 EST 回覆

    great! works perfect!!

    many thanks!

    ismael.

  15. 朱朱
    2008/2/29 星期五 11:04:06 EST 回覆

    Hi ismael. Glad that it works for you.

  16. Henriemedia.com
    2008/5/23 星期五 15:18:12 EDT 回覆

    Thank you for the PHP code! I could’t get the .htaccess changes to work, but your code works like a dream for my Wordpress nightmare!!! Thank you!!!

  17. MBC
    2008/8/8 星期五 12:56:25 EDT 回覆

    Thanks for the solution, you saved me from going crazy and closing down the blog :P

  18. 朱朱
    2008/8/8 星期五 13:33:02 EDT 回覆

    You are welcome. Glad to be of help.

  19. Mário Gamito
    2008/10/22 星期三 15:19:13 EDT 回覆

    Hi,

    I’ve tried your code very carefully, but I ended up with the same problem as Dave: the directory gets protected alright, but the blog only displays a blank page.

    I’m using WP 2.5.2

    Do you know what might be causing that ?

    Any help would be appreciated.

    Warm Regards,
    Mário Gamito

  20. Mário Gamito
    2008/10/22 星期三 15:21:31 EDT 回覆

    Sorry, it’s 2.6.2 I’m using.

  21. 朱朱
    2008/10/22 星期三 16:09:57 EDT 回覆

    Did you try the Textpattern fix mentioned in the 1st comment? If that doesn’t work and you are using my PHP code, is there a error_log file in your WordPress directory?

  22. 朱朱
    2008/11/25 星期二 09:54:44 EST 回覆

    Ya. That’s what I am talking about. The nasty curly quotes. Just edited my post by replacing the single quotes with its HTML entity. Now the code should copy and paste correctly.

    Sorry for the mess-up.

  23. brasilblogger
    2008/11/25 星期二 09:35:45 EST 回覆

    The Textpattern Mod does not work, but your index.php hack works fine on Hostgator with WP2.6.3 … Thanks for this solution! Greetz from Brazil, brasilblogger

  24. 朱朱
    2008/11/25 星期二 09:50:32 EST 回覆

    You are welcome, brasilblogger. Glad it works for you.

    Hm… I just find out WordPress replaces all the quotation marks in the code section with the smart/curly quotes. Bad! On to finding out how to fix it…

  25. brasilblogger
    2008/11/25 星期二 09:51:30 EST 回覆

    Oh, to the comment Mário Gamito a tip … so your webserver shows not up php error … but there are some in the code … you have to use always ‘ instead of ’

    for example here:
    $this_dir = dirname(__FILE__).’/’; <<< wrong
    $this_dir = dirname(__FILE__).’/'; <<< right

    define(’WP_USE_THEMES’, true); <<< wrong
    define(‘WP_USE_THEMES’, true); <<< right

    require(’./wp/wp-blog-header.php’); <<< wrong
    require(‘./wp/wp-blog-header.php’); <<< right

    if wordpress is on root:
    require(‘./wp-blog-header.php’);

    Try it out. Hope it helps.

  26. brasilblogger
    2008/11/25 星期二 10:01:03 EST 回覆

    Ok, the comments can’t display this. ;(
    So use always the right apostroph >> Alt+39 to find on the keyboard over the #

  27. brasilblogger
    2008/11/25 星期二 10:05:43 EST 回覆

    Haha! And I thought, that I can’t copy & paste anymore. Because after my second comment, the code above in your posting was correct … *ups*

    …. so edit/delete my comment with the wrong quotes … ;)

  28. Liane
    2009/4/2 星期四 19:16:50 EDT 回覆

    It worked! The error doc fixed didn’t work for me – I’ve got my index.php in the root and WordPress in another directory. Funny, I used the error doc fix yesterday, and it worked, but was a temporary solution, didn’t work at all after that.

    Glad I found this article! Bookmarked…

    Liane

  29. 朱朱
    2009/4/2 星期四 20:42:31 EDT 回覆

    Liane. Glad that this old trick is still helpful. Enjoy.

Leave A Comment

(由於反制垃圾留言的功能,你的回應可能不會馬上出現。)

«
»

東方之朱是以 WordPress 建構。原始主題設計:Matthew0.692
登入][WebMail