Menu

Topic-icon Saving .htaccess Protect causes 500 Internal Server Error

  • azurelinksc
  • azurelinksc's Avatar Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
More
2 years 8 months ago - 2 years 8 months ago #5098 by azurelinksc
I'm also having problems with using the htaccess protection. I'm getting the white page with the 500 Internal Server Error message immediately after clicking "Protect" on the .htaccess protection page.

To regain access to the site (frontend and backend) I have to rename the SCP version of htaccess, and restore the original. When I access the admin area, it loads the page with the alert message: ".htaccess protection applied."

I have other older Joomla sites running on lesser versions of PHP on this server and SCP works fine. This one is running on PHP 7.0.24, Joomla 3.7.5, Linux 2.6.32, MySQL 5.5.57 cli.

FYI, for this site, I am using cPanel's MultiPHP Manager to choose the version of PHP, and to customize the PHP parameters. It has inserted PHP version and INI parameters at the top of my htaccess file. I tried pasting it here, but your site's SCP is preventing my post even if the code was enclosed in code tags, giving me a 400 error.

When I implemented the .htaccess protection in SCP, it added some SCP Xframe Options protection instructions at the top. I tried moving the cPanel info to the top, but got the same 500 error.

Any help to resolve this problem would be appreciated.

***** UPDATE *****

Your recommended to try protecting it with the first four parameters under Self Protection set to "No". This still generate the 500 error.
Last edit: 2 years 8 months ago by azurelinksc. Reason: Has phantom duplicate paragraph of repeated text at the bottom. Attempting to delete it.

Please Log in or Create an account to join the conversation.

More
2 years 8 months ago #5099 by Jose
Hi azurelinksc,

If my solution doesn't wor, then the only way to know what's causing the issue is to apply each setting individually.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • azurelinksc
  • azurelinksc's Avatar Topic Author
  • Offline
  • Junior Boarder
  • Junior Boarder
More
2 years 7 months ago - 2 years 7 months ago #5231 by azurelinksc
Finally getting back to this issue. (I disabled htaccess protection since my last post.)

It appears that the problem is caused (in my case) by the lack of a line break at the end of the SCP code which is inserted into the htaccess file when protection is applied.

This is causing the first line of my htaccess file to be included right after the last line of the SCP code, which turns it into a comment.

Example:

Here is the last line of the applied SCP code:
## End Securitycheck Pro Hide Backend Url<IfModule mime_module>

Note that the
<IfModule mimemodule>
opening tag is now part of the comment, breaking the parameter.

In my server, I am using cPanel’s MultiPHP Manager to assign PHP 7 to this virtual host.
This inserts PHP handler code at the beginning of the default Joomla .htaccess file.

If I’m not mistaken, SCP usually inserts the protection code after the default Joomla code. But for this site, it is inserting it at the beginning. Why?

SITE INFORMATION:

Joomla version: 3.8.2
PHP 7.0.26
MYSQL: 5.5.58-cli

As mentioned above, I am using cPanel’s MultiPHP Manager to assign PHP 7 to this virtual host. cPanel is inserting this code at the beginning of the default Joomla htacess file:
# BEGIN cPanel-generated handler, do not edit
<IfModule mime_module>
  AddType application/x-httpd-ea-php70 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
   php_flag display_errors Off
   php_value max_execution_time 30
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 32M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php70"
   php_value upload_max_filesize 32M
</IfModule>
# END cPanel-generated php ini directives, do not edit

———

When I applied the SCP htaccess protection, it deleted the first part of the cPanel code, removing this comment line:
# BEGIN cPanel-generated handler, do not edit

And as previously mentioned, SCP turned the <ifModule> tag into a comment.
To resolve, I moved the SCP protection code after the Joomla code, and retyped the first cPanel BEGIN comment.
In SCP htaccess protect, it now shows all enabled parameters and “Yes” and displays the green “Applied” message next to each parameter.

However, I think if I reapplied it, it would break it again. A bug, perhaps?
Last edit: 2 years 7 months ago by azurelinksc. Reason: Typo
The following user(s) said Thank You: Jose

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #5232 by Jose
Hi azurelink,

Yes, it's a bug. The 'backend protection' feature is the only setting that doesn't add an End of Line after being applied, so in case like yours can cause the error.

It will be solved in the next release of SCP; if you need it before write me an email and I will send you the modified file.

Thank you very much for report this!

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.062 seconds
Powered by Kunena Forum

Login or Sign In