Addon Domain redirects to another Addon Domain

THE11thROCK

• March 09, 2017 11:06

I havean an issue with two Addon Domains both in different folders. Addon Domain 1 redirects to Addon Domain 2. For easy recognition: [LIST]

Addon Domain 1 = Addon1.com

Addon Domain 2 = Addon2.rocks [LIST]

The problem is Addon2.rocks redirects to Addon1.com

Both use Wordpress

Both reside in different directory under one Main Domain Account (Let's call the Main Domain = MainDomain.com) I read a previous thread that tackled something close to this /Addon Domain from one account redirects to a domain on another account The previous solution was to have this in the htaccess:
RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^(?:www\.)?(maindomain|addondomain if it is a case)\.com$ [NC] RewriteRule ^ https://%1.com%{REQUEST_URI} [R=302,L,NE]
Any idea how can I fix this? Tried searching for an answer, but I guess the issue that I have is a bit different than with the others. Thanks for the help. By the wy, just to add, Addon Domain 2 ends with .rocks tld, if that helps

• 

  THE11thROCK

  • March 09, 2017 21:16

  Just to add if it can help, this only happens when I go the homepage. Going to either wp-admin pages, category or post links will not redirect the Addon2.rocks to Addon1.com. It only happens in the front page.

  0
• 

  Jcats

  • March 09, 2017 22:26

  1. Is there a .htaccess in a parent folder that has a redirect in there that is affecting it? Example /home/user/public_html/domain1.com /home/user/public_html/domain2.com and there is a .htaccess in /home/user/public_html/.htaccess If this is the scenario, rename /home/user/public_html/.htaccess to /home/user/public_html/ht and open up Incognito mode in your browser to see if the redirect still happens. 2. Are you using seperate databases? 3. Do you have just the default WordPress redirects setup in each domains .htaccess?

  0
• 

  THE11thROCK

  • March 10, 2017 06:51

  Thanks for the reply. 1. No there is no redirect in the parent folder. And yes, there is htaccess in /public_html/ 2. Yes. All have separate databases. Separate Wordpress installs. Separate folders of their own. It has one main domain in /public_html/ (named=MainDomain.com) and 6 other addon domains in independent folders. The addon domains include (addon2.rocks) and also (addon1.com). It seems (MainDomain.com) is not directly affecting the addon domains as the issue is only with (addon2.rocks) which redirects to (addon1.com). And to note, it only happens in the homepage or frontpage of (addon2.rocks). Addon2.rocks/post/ or Addon2.rocks/category/ or Addon2.rocks/wp-admin/ does not redirect to Addon1.com. Addon3.com, Addon4.com, Addon5.com, Addon6.com are all unaffected. All ends with a dotcom tld, only Addon2.rocks ends with dotrocks. On its own, Addon1.com works without problems. 3. They have separate htaccess file for each wordpress install. Just to note, the addon domains reside in their own folders like Addon2.rocks is installed inside add0n2.rocks, Addon1.com resides in Addon1folder.com Addon3.com resides in Addon3custom.com And so on. For your convenience, I included the htaccess in public_html and also the Addon2.rocks addon domain folder For (public_html) main domain or (MainDomain.com) [PHP]# BULLETPROOF PRO 12.7 SECURE .HTACCESS # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE # Using DENY will block all iFrames including iFrames on your own website # Header set X-Frame-Options DENY # Recommended: SAMEORIGIN - iFrames from the same site are allowed - other sites are blocked # Block other sites from displaying your website in iFrames # Protects against Clickjacking Header always append X-Frame-Options SAMEORIGIN # Protects against Drive-by Download attacks # Protects against MIME/Content/Data sniffing Header set X-Content-Type-Options nosniff # BEGIN WEBSITE SPEED BOOST # Time cheat sheet in seconds # A86400 = 1 day # A172800 = 2 days # A2419200 = 1 month # A4838400 = 2 months # A29030400 = 1 year # Test which ETag setting works best on your Host/Server/Website # with Firefox Firebug, Firephp and Yslow benchmark tests. # Create the ETag (entity tag) response header field # This is probably not the optimum choice to use. #FileETag MTime Size # Remove the ETag (entity tag) response header field # This is most likely the optimum choice to use. Header unset ETag FileETag none ExpiresActive on # ExpiresByType overrides the ExpiresDefault... # cache expiration time of 2 days|A172800. ExpiresDefault A172800 ExpiresByType image/jpg A4838400 ExpiresByType image/jpeg A4838400 ExpiresByType image/gif A4838400 ExpiresByType image/png A4838400 ExpiresByType image/bmp A4838400 ExpiresByType image/x-icon A4838400 ExpiresByType image/svg+xml A4838400 ExpiresByType text/javascript A4838400 ExpiresByType text/x-javascript A4838400 ExpiresByType text/css A4838400 ExpiresByType text/html A4838400 ExpiresByType application/x-font-ttf A4838400 ExpiresByType application/x-font-woff A4838400 ExpiresByType font/opentype A4838400 ExpiresByType application/x-shockwave-flash A4838400 ExpiresByType application/x-javascript A4838400 ExpiresByType application/javascript A4838400 ExpiresByType video/mp4 A4838400 ExpiresByType video/ogg A4838400 ExpiresByType video/webm A4838400 Header append Cache-Control "public" Header append Cache-Control "proxy-revalidate" Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform" Header set Pragma "no-cache" AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript AddOutputFilterByType DEFLATE application/javascript application/x-javascript AddOutputFilterByType DEFLATE application/x-httpd-php application/x-httpd-fastphp AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/xml-dtd AddOutputFilterByType DEFLATE application/rdf+xml application/rss+xml application/atom+xml AddOutputFilterByType DEFLATE font/otf font/opentype application/font-otf application/x-font-otf AddOutputFilterByType DEFLATE font/ttf font/truetype application/font-ttf application/x-font-ttf AddOutputFilterByType DEFLATE image/svg+xml # Drop problematic browsers BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html # Make sure proxies don't deliver the wrong content Header append Vary User-Agent env=!dont-vary # END WEBSITE SPEED BOOST # TURN OFF YOUR SERVER SIGNATURE # Suppresses the footer line server version number and ServerName of the serving virtual host ServerSignature Off # DO NOT SHOW DIRECTORY LISTING # Disallow mod_autoindex from displaying a directory listing # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out Options -Indexes # by adding a # sign in front of it. # Example: #Options -Indexes Options -Indexes # DIRECTORY INDEX FORCE INDEX.PHP # Use index.php as default directory index file. index.html will be ignored. # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out DirectoryIndex # by adding a # sign in front of it. # Example: #DirectoryIndex index.php index.html /index.php DirectoryIndex index.php index.html /index.php # BRUTE FORCE LOGIN PAGE PROTECTION # PLACEHOLDER ONLY # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently. # See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/ # for more information. # BPS PRO ERROR LOGGING AND TRACKING # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors # that occur on your website. When a hacker attempts to hack your website the hackers IP address, # Host name, Request Method, Referering link, the file name or requested resource, the user agent # of the hacker and the query string used in the hack attempt are logged. # All BPS Pro log files are htaccess protected so that only you can view them. # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/ # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors # after you install BPS Pro and have activated BulletProof Mode for your Root folder. # If you would like to log 404 errors you will need to copy the logging code in the BPS Pro 404.php file # to your Theme's 404.php template file. Simple instructions are included in the BPS Pro 404.php file. # You can open the BPS Pro 404.php file using the WP Plugins Editor or by using the BPS Pro File Manager. # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file. ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php ErrorDocument 401 default ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php ErrorDocument 404 /404.php ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$ # WP-ADMIN/INCLUDES # Use BPS Custom Code to remove this code permanently. RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] # WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # CUSTOM CODE REQUEST METHODS FILTERED # REQUEST METHODS FILTERED # If you want to allow HEAD Requests use BPS Custom Code and copy # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code # text box: CUSTOM CODE REQUEST METHODS FILTERED. # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F] #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L] # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES # To add plugin/theme skip/bypass rules use BPS Custom Code. # The flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules. # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9... # If you delete a skip rule, change the other skip rule numbers accordingly. # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc. # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13] # Adminer MySQL management tool data populate RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC] RewriteRule . - [S=12] # Comment Spam Pack MU Plugin - CAPTCHA images not displaying RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC] RewriteRule . - [S=11] # Peters Custom Anti-Spam display CAPTCHA Image RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] RewriteRule . - [S=10] # Status Updater plugin fb connect RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] RewriteRule . - [S=9] # Stream Video Player - Adding FLV Videos Blocked RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC] RewriteRule . - [S=8] # XCloner 404 or 403 error when updating settings RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC] RewriteRule . - [S=7] # BuddyPress Logout Redirect RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC] RewriteRule . - [S=6] # redirect_to= RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC] RewriteRule . - [S=5] # Login Plugins Password Reset And Redirect 1 RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC] RewriteRule . - [S=4] # Login Plugins Password Reset And Redirect 2 RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC] RewriteRule . - [S=3] # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Remote File Inclusion (RFI) security rules # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F] # # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php) RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).* RewriteCond %{HTTP_REFERER} ^.*maindomain.com.* RewriteRule . - [S=1] # BEGIN BPSQSE BPS QUERY STRING EXPLOITS # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too. # Good sites such as W3C use it for their W3C-LinkChecker. # Use BPS Custom Code to add or remove user agents temporarily or permanently from the # User Agent filters directly below or to modify/edit/change any of the other security code rules below. RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR] RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR] RewriteCond %{THE_REQUEST} etc/passwd [NC,OR] RewriteCond %{THE_REQUEST} cgi-bin [NC,OR] RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR] RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR] RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR] RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR] RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR] RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR] RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR] RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR] RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR] RewriteCond %{QUERY_STRING} (sp_executesql) [NC] RewriteRule ^(.*)$ - [F] # END BPSQSE BPS QUERY STRING EXPLOITS RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # WP REWRITE LOOP END # DENY BROWSER ACCESS TO THESE FILES # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html # To be able to view these files from a Browser, replace 127.0.0.1 with your actual # current IP address. Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1 # Note: The BPS System Info page displays which modules are loaded on your server. Order Allow,Deny Deny from all #Allow from 127.0.0.1 # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE # Jetpack XML-RPC DDoS & TRACKBACK/PINGBACK PROTECTION # You can whitelist your IP address if you use A Weblog Client # or want to whitelist an IP address for any other reasons. # Example: Add this line of code RewriteCond %{REMOTE_ADDR} ^(xxx\.xxx\.xxx\.xxx) [OR] # inbetween the first and second lines of code below. Then replace the x's with the # actual IP address you want to whitelist. # Note: It is recommended that you use 3 octets x.x.x. of your IP address # instead of 4 octets x.x.x.x of your IP address. # Example: RewriteCond %{REMOTE_ADDR} ^(xxx\.xxx\.xxx\.) [OR] RewriteCond %{REQUEST_URI} ^.*(xmlrpc\.php|wp-trackback\.php)$ RewriteCond %{HTTP_USER_AGENT} !^(.*Jetpack.*)$ RewriteRule ^(.*)$ - [F] [/PHP] For Addon2.rocks htaccess [PHP]# BULLETPROOF PRO 12.7 SECURE .HTACCESS # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE # Using DENY will block all iFrames including iFrames on your own website # Header set X-Frame-Options DENY # Recommended: SAMEORIGIN - iFrames from the same site are allowed - other sites are blocked # Block other sites from displaying your website in iFrames # Protects against Clickjacking Header always append X-Frame-Options SAMEORIGIN # Protects against Drive-by Download attacks # Protects against MIME/Content/Data sniffing Header set X-Content-Type-Options nosniff # BEGIN WEBSITE SPEED BOOST # Time cheat sheet in seconds # A86400 = 1 day # A172800 = 2 days # A2419200 = 1 month # A4838400 = 2 months # A29030400 = 1 year # Test which ETag setting works best on your Host/Server/Website # with Firefox Firebug, Firephp and Yslow benchmark tests. # Create the ETag (entity tag) response header field # This is probably not the optimum choice to use. #FileETag MTime Size # Remove the ETag (entity tag) response header field # This is most likely the optimum choice to use. Header unset ETag FileETag none ExpiresActive on # ExpiresByType overrides the ExpiresDefault... # cache expiration time of 2 days|A172800. ExpiresDefault A172800 ExpiresByType image/jpg A4838400 ExpiresByType image/jpeg A4838400 ExpiresByType image/gif A4838400 ExpiresByType image/png A4838400 ExpiresByType image/bmp A4838400 ExpiresByType image/x-icon A4838400 ExpiresByType image/svg+xml A4838400 ExpiresByType text/javascript A4838400 ExpiresByType text/x-javascript A4838400 ExpiresByType text/css A4838400 ExpiresByType text/html A4838400 ExpiresByType application/x-font-ttf A4838400 ExpiresByType application/x-font-woff A4838400 ExpiresByType font/opentype A4838400 ExpiresByType application/x-shockwave-flash A4838400 ExpiresByType application/x-javascript A4838400 ExpiresByType application/javascript A4838400 ExpiresByType video/mp4 A4838400 ExpiresByType video/ogg A4838400 ExpiresByType video/webm A4838400 Header append Cache-Control "public" Header append Cache-Control "proxy-revalidate" Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform" Header set Pragma "no-cache" AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript AddOutputFilterByType DEFLATE application/javascript application/x-javascript AddOutputFilterByType DEFLATE application/x-httpd-php application/x-httpd-fastphp AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/xml-dtd AddOutputFilterByType DEFLATE application/rdf+xml application/rss+xml application/atom+xml AddOutputFilterByType DEFLATE font/otf font/opentype application/font-otf application/x-font-otf AddOutputFilterByType DEFLATE font/ttf font/truetype application/font-ttf application/x-font-ttf AddOutputFilterByType DEFLATE image/svg+xml # Drop problematic browsers BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html # Make sure proxies don't deliver the wrong content Header append Vary User-Agent env=!dont-vary # END WEBSITE SPEED BOOST # TURN OFF YOUR SERVER SIGNATURE # Suppresses the footer line server version number and ServerName of the serving virtual host ServerSignature Off # DO NOT SHOW DIRECTORY LISTING # Disallow mod_autoindex from displaying a directory listing # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out Options -Indexes # by adding a # sign in front of it. # Example: #Options -Indexes Options -Indexes # DIRECTORY INDEX FORCE INDEX.PHP # Use index.php as default directory index file. index.html will be ignored. # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out DirectoryIndex # by adding a # sign in front of it. # Example: #DirectoryIndex index.php index.html /index.php DirectoryIndex index.php index.html /index.php # BRUTE FORCE LOGIN PAGE PROTECTION # PLACEHOLDER ONLY # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently. # See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/ # for more information. # BPS PRO ERROR LOGGING AND TRACKING # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors # that occur on your website. When a hacker attempts to hack your website the hackers IP address, # Host name, Request Method, Referering link, the file name or requested resource, the user agent # of the hacker and the query string used in the hack attempt are logged. # All BPS Pro log files are htaccess protected so that only you can view them. # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/ # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors # after you install BPS Pro and have activated BulletProof Mode for your Root folder. # If you would like to log 404 errors you will need to copy the logging code in the BPS Pro 404.php file # to your Theme's 404.php template file. Simple instructions are included in the BPS Pro 404.php file. # You can open the BPS Pro 404.php file using the WP Plugins Editor or by using the BPS Pro File Manager. # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file. ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php ErrorDocument 401 default ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php ErrorDocument 404 /404.php ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$ # WP-ADMIN/INCLUDES # Use BPS Custom Code to remove this code permanently. RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] # WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # CUSTOM CODE REQUEST METHODS FILTERED # REQUEST METHODS FILTERED # If you want to allow HEAD Requests use BPS Custom Code and copy # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code # text box: CUSTOM CODE REQUEST METHODS FILTERED. # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F] #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L] # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES # To add plugin/theme skip/bypass rules use BPS Custom Code. # The flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules. # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9... # If you delete a skip rule, change the other skip rule numbers accordingly. # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc. # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13] # Adminer MySQL management tool data populate RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC] RewriteRule . - [S=12] # Comment Spam Pack MU Plugin - CAPTCHA images not displaying RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC] RewriteRule . - [S=11] # Peters Custom Anti-Spam display CAPTCHA Image RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] RewriteRule . - [S=10] # Status Updater plugin fb connect RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] RewriteRule . - [S=9] # Stream Video Player - Adding FLV Videos Blocked RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC] RewriteRule . - [S=8] # XCloner 404 or 403 error when updating settings RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC] RewriteRule . - [S=7] # BuddyPress Logout Redirect RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC] RewriteRule . - [S=6] # redirect_to= RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC] RewriteRule . - [S=5] # Login Plugins Password Reset And Redirect 1 RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC] RewriteRule . - [S=4] # Login Plugins Password Reset And Redirect 2 RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC] RewriteRule . - [S=3] # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Remote File Inclusion (RFI) security rules # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F] # # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php) RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).* RewriteCond %{HTTP_REFERER} ^.*addon2.rocks.* RewriteRule . - [S=1] # BEGIN BPSQSE BPS QUERY STRING EXPLOITS # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too. # Good sites such as W3C use it for their W3C-LinkChecker. # Use BPS Custom Code to add or remove user agents temporarily or permanently from the # User Agent filters directly below or to modify/edit/change any of the other security code rules below. RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR] RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR] RewriteCond %{THE_REQUEST} etc/passwd [NC,OR] RewriteCond %{THE_REQUEST} cgi-bin [NC,OR] RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR] RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR] RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR] RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR] RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR] RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR] RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR] RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR] RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR] RewriteCond %{QUERY_STRING} (sp_executesql) [NC] RewriteRule ^(.*)$ - [F] # END BPSQSE BPS QUERY STRING EXPLOITS RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # WP REWRITE LOOP END # DENY BROWSER ACCESS TO THESE FILES # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html # To be able to view these files from a Browser, replace 127.0.0.1 with your actual # current IP address. Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1 # Note: The BPS System Info page displays which modules are loaded on your server. Order Allow,Deny Deny from all #Allow from 127.0.0.1 # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE # Jetpack XML-RPC DDoS & TRACKBACK/PINGBACK PROTECTION # You can whitelist your IP address if you use A Weblog Client # or want to whitelist an IP address for any other reasons. # Example: Add this line of code RewriteCond %{REMOTE_ADDR} ^(xxx\.xxx\.xxx\.xxx) [OR] # inbetween the first and second lines of code below. Then replace the x's with the # actual IP address you want to whitelist. # Note: It is recommended that you use 3 octets x.x.x. of your IP address # instead of 4 octets x.x.x.x of your IP address. # Example: RewriteCond %{REMOTE_ADDR} ^(xxx\.xxx\.xxx\.) [OR] RewriteCond %{REQUEST_URI} ^.*(xmlrpc\.php|wp-trackback\.php)$ RewriteCond %{HTTP_USER_AGENT} !^(.*Jetpack.*)$ RewriteRule ^(.*)$ - [F] [/PHP] Thanks for your help

  0
• 

  Jcats

  • March 10, 2017 12:45

  I would start by temp renaming both public_html/.htaccess and addon2.rocks/.htaccess so they are not used, just temporarily, and then test again just to rule them out completely. Make sure to use Incognito mode to test as the browser can potentially redirect still if something is cached in your browser.

  0
• 

  Infopro

  • March 10, 2017 14:07

  I agree with Jcats, that's easy place to start, disable any sort of redirects you know of.

  0
• 

  THE11thROCK

  • March 14, 2017 23:11

  Hi, sorry for the late reply. The issue is fixed. It seemed that the browser cache was the culprit. Thanks for the tips! Cheers!

  0
• 

  Infopro

  • March 14, 2017 23:32

  Thanks for updating the thread with your findings. :)

  0

Please sign in to leave a comment.