wpmu Defender change database prefix and create htaccess files suggestions

I let the defender plugin change the database prefix from wp_ to something more cryptic and my site went down. I edited the wp-config file to reflect the prefix change and the site came right back. Maybe that is how the plugin is supposed to work...

I let the Defender plugin create htaccess files as per it's suggestion, and my dsIDX plugin image slideshow and comment form stopped working. I get a juicebox error on the slideshow and a error sending contact us form error when pressing the submit button for the contact us form. I checked with the plugin vendor and they noticed that "something" was blocking access to their client_area.php file. As soon as I disabled the htaccess file that defender added to the wp-content folder, the IDX plugin started working again.

I would like to re-enable the htaccess file in the wp-content folder and was wondering what you would suggest I add to the htaccess file to allow the IDX plugin php file access.

Also, disabling and deleting the defender plugin does not revert the site to it's previous state or render the files and database changes inactive - use this plugin with caution and make sure you have a backup! SOP

  • Michael Bissett

    Hey Todd, Michael here! :slight_smile:

    I let the defender plugin change the database prefix from wp_ to something more cryptic and my site went down. I edited the wp-config file to reflect the prefix change and the site came right back. Maybe that is how the plugin is supposed to work...

    It should make that change for you, one thing I'd advise making sure of would be that enough memory's allocated to WordPress. I like to set 256M, like this:

    define( 'WP_MEMORY_LIMIT', '256M' );

    I would like to re-enable the htaccess file in the wp-content folder and was wondering what you would suggest I add to the htaccess file to allow the IDX plugin php file access.

    By default, Defender inserts this into the .htaccess file there, when the "Prevent PHP execution" issue is handled:

    ## WP Defender - Prevent PHP Execution ##
    <Files *.php>
    Order allow,deny
    Deny from all
    </Files>
    ## WP Defender - End ##

    As it sounds like the client_area.php file resides in the /wp-content folder, you should be able to get that working by adding this after the rules that WP Defender applies:

    <Files client_area.php>
    Order allow,deny
    Allow from all
    </Files>

    Also, disabling and deleting the defender plugin does not revert the site to it's previous state or render the files and database changes inactive - use this plugin with caution and make sure you have a backup! SOP

    I agree, particularly with the database changes. Our Snapshot plugin would be handy for handling those backups:

    https://premium.wpmudev.org/project/snapshot/

    Kind Regards,
    Michael

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.