Andreas Hecht October 7th, 2016

How a WordPress “Error” Almost Drove me Crazy

Originally, this article was going to be called "Server and WordPress Errors: the .htaccess Heredity." However, this title would not have given you the slightest idea of what happened. Some errors are so stupid that you could start laughing out loud, were they not so sad. Read the story of a man in despair, fighting an error that was not an error. Don Quijote sends his best wishes. It was meant to become a simple WordPress installation. Install it once, and done. This task is not really difficult, and usually, it doesn't take much expert knowledge to solve it. Nonetheless, it brought me close to complete despair, as I had to find a solution to an error that was no error.

The Prologue - My Server-Move

A few months ago, I got a "Managed-Root Cloud Server" from hostNET for my websites. I've wanted to get away from my shared hosting and get something that is future proof, due to scalable resources. I knew that my new server would have to come with an "Auto-Installer." So I went ahead and tried it, installing WordPress for the first website in the main index, and not in a folder within said index. By the way, the main index I'm talking about is not the server's root index, but the index in which the websites are deposited (HTML or public_html or something similar). It took me a long time to realize that an installation via the auto installer was a poor solution. Normally, I set up a folder for each website in the main index, to which the respective domain will point. From my experience, that is the best solution. In this case, however, I installed the WordPress for my first website directly within the main index. Afterward, I created a folder for every following website, but due to my dumb mistake, each folder was within the WordPress files of the first installation.

The Wrong and the Right Way With Multiple Websites

This is How an Organization With Multiple Websites Shouldn't Look: [caption id="attachment_77627" align="alignnone" width="500"]My Messy-Server, the Problem is Obvious. There are Multiple Other Installations in One WP Installation.[/caption] When running multiple websites on one server, the structure shouldn't look anything like the screenshot above. This causes significant problems and doesn't help you keep an eye on everything. The Optimal Way of Organizing Many Websites on One Server: [caption id="attachment_77628" align="alignnone" width="500"]This is What an Ideal Organization Structure for Multiple Websites Looks Like. This is What an Ideal Organization Structure for Multiple Websites Looks Like.[/caption] An optimal structure for the organization of many websites always means setting up an own, explicitly named folder for each of the websites, to which the respective domain will point. This makes for a clear overview, and mistakes are spotted more easily, as no heredity can occur.

A WordPress Installation Attempt

Not expecting my day to become exhausting, I started the installation of a website. I created a folder, moved the WordPress files into it, create an own wp-config.php with the correct information from the previously set up database, and called up the installation routine. http://mywebsite.com/wp-admin/install.php However, instead of the installation routine, I got to see the following error notification: Forbidden You don’t have permission to access /wp-admin/install.php on this server Even after many different attempts and tricks, I was not able to solve this issue. At one point, it became too much for me to handle, so I went ahead and fixed the problem with pincers.

The Interesting Answer to the Problem

My intuition made me test if I was able to access another file in the folder /wp-admin/ I created a file called temp.php, and entered the famous "Hello World." After I moved this file into the folder, I had no problem calling it up in the browser. So I attempted a trick with the .htaccess file and entered the following: https://gist.github.com/anonymous/f150f716934d2fcf0351ff913493b707 Of course, that didn't work out either. Why should it? More on that later. First, I had to solve my problem.

Turn the temp.php Into the install.php

Accessing the temp.php I created in the folder /wp-admin/ was no problem. So I copied the content of the install.php into my temp.php and adjusted it a little. Read the exact procedure here: Solving WordPress Errors: 403 Forbidden for /wp-admin/install.php Now, I was able to install WordPress without any issues. And from this point on, I could have easily found the real cause of the problem. Unfortunately, I didn't have a mirror at hand, though. Only after I published an article about my unconventional solution to the error, the actual cause of the error came to my mind.

The True Reason for the Problem: the .htaccess Heredity

The error had a perpetrator and a cause. The perpetrator was me, as I always protect my websites from any security gaps. That was also the reason for the problem. Without thinking about it, I installed the WordPress for my first website in the server's main index. The following websites all went into own folders within the first website's WordPress installation. This means that the .htaccess file of the first installation affects all files and folders in said installation. Including the other websites. That's because a heredity occurs. The first website for my standard .htaccess file. The according excerpt: https://gist.github.com/anonymous/349716c9d7fb095976b42b96418c4dbf This entry is highly efficient and prohibits any access to the install.php. If the file happens to be in a subfolder of the first installation, this entry will be in effect there as well. This is logical. But you have to come up with that first.

Conclusion: A Lot of Experience Does Not Protect You From Stupid Mistakes

Even webmasters and developers with lots of experience make mistakes. It is hard to admit this, but it's true. Sometimes, you just miss the forest for the trees. It's important to drill down on the mistakes so that you can learn from them. You'll grow with errors and their solutions. I learned multiple things in that regard. My next time frame will be used for the reorganization of my server so that I can prevent this type of mistake from ever being made again. (dpe) Image by Karsten Paulick from Pixabay

Andreas Hecht

Andreas Hecht is a journalist and specialist for WordPress and WordPress Security. He roams the web since its inception. He has published an ebook on WordPress Security, which you might want to take a look at.

One comment

  1. What’s really bizarre is that you’ve struggled with an NON experience-related problem. I’m around for quite a while as well and I’ve hit the same problem in the last period of time, on some servers used to host multiple websites. I’ve also seen, on some hosts, that WP doesn’t start if I don’t have the .htaccess file in place. Of course the wp kit doesn’t have it by default so I have to manually create it all the freakin’ time. It is generated after the install, but the install won’t start until you have a clear path specified in .htaccess. Because of heredity. I call it heresy.

Leave a Reply

Your email address will not be published. Required fields are marked *