HMWP breaks redirect to login

This topic is: not resolved

Tagged: broken links, broken redirect

This topic has 14 replies, 2 voices, and was last updated 5 years, 9 months ago by Suman M..

Viewing 15 posts - 1 through 15 (of 15 total)

Save

Author

Posts
September 17, 2019 at 5:38 pm #27585

advantagen
Active
Post count: 14

It seems that HMWP is breaking dynamic links/redirects to log in on my site. So for example, /wp-admin/edit-comments.php?comment_status=moderated&comment_type=review used to be a valid link, and now it says “The page or listing you are trying to reach no longer exists or has expired.” …unless the person is already logged in, at which point the link works again.

This also happens when contributors try to edit posts they have access to.

Is there some way to work around this? I’d hate to have to ditch the plugin just because of that, but it’s causing confusion with my users.

September 17, 2019 at 5:41 pm #27586

advantagen
Active
Post count: 14

P.S. I do not have Canonical Redirects disabled

Attachments:
You must be logged in to view attached files.

September 17, 2019 at 5:47 pm #27588

advantagen
Active
Post count: 14

P.P.S. I’m manually configuring the .htaccess file, and this is what I have (with the admin login key removed for security reasons):

# BEGIN Hide My WP

RewriteRule ^other/js/embed\.min\.js /wp-includes/js/wp-embed.min.js?qIu_hide_my_wp= [QSA,L]
RewriteRule ^vantage/(.*) /wp-content/themes/vantage/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^skin_main/style\.css /index.php?parent_wrapper=1&qIu_hide_my_wp= [QSA,L]
RewriteRule ^skin_main/(.*) /wp-content/themes/vantage/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^other/(.*) /wp-includes/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^file/(.*) /wp-content/uploads/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^ext/(.*) /wp-content/plugins/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^skin/main\.css /index.php?style_wrapper=1&qIu_hide_my_wp= [QSA,L]
RewriteRule ^skin/style\.css /nothing_404_404?qIu_hide_my_wp= [QSA,L]
RewriteRule ^skin/(.*) /wp-content/themes/child-theme/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^ajax /wp-admin/admin-ajax.php?qIu_hide_my_wp= [QSA,L]
RewriteRule ^inc/(.*) /wp-content/$1?qIu_hide_my_wp= [QSA,L]
RewriteRule ^(readme\.html|license\.txt|wp-content/debug\.log|wp-includes/$) /nothing_404_404?qIu_hide_my_wp= [QSA,L]
RewriteRule ^(((wp-content|wp-includes)/([A-Za-z0-9\-\_\/]*))|(wp-admin/(!network\/?)([A-Za-z0-9\-\_\/]+)))(\.txt|/)$ /nothing_404_404?qIu_hide_my_wp= [QSA,L]

# END Hide My WP

September 17, 2019 at 9:57 pm #27598

advantagen
Active
Post count: 14

By temporarily removing the last line in the HMWP section of the .htaccess file, I think I’ve worked around the issue. From what little I can tell though, this will reduce the level of protection I’m receiving. So I still welcome your thoughts.

September 19, 2019 at 6:49 am #27619

Suman M.
Post count: 12480

Hi, please do these:

– empty out API Base and API query fields in Permalinks & URLs tab
– empty out Ajax URL field

Let us know!

September 19, 2019 at 9:04 pm #27642

advantagen
Active
Post count: 14

I’m afraid that made no difference. Any other advice?

September 20, 2019 at 6:37 am #27645

Suman M.
Post count: 12480

Can you please let me know the exact steps to re-generate the issue, so that we can check it at our end. Thanks!

September 20, 2019 at 7:54 pm #27654

advantagen
Active
Post count: 14

Well to completely duplicate it, you’d need to be using my theme (Vantage from AppThemes), and then clicking on a link to moderate a comment while logged out. I can send you a copy of the theme if you let me know where to send it. (Can I upload it here and set it to private??

That is, it’s not an issue if you’re already logged in. It’s only an issue with the login redirects.

I thought that the issue was resolved by removing the last line in the .htaccess file, but it seems that only disabling the HMWP plugin altogether resolves the issue.

Once i do that, it properly redirects to:

[my domain]/login/?redirect_to=https%3A%2F%2F[my domain]%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated%26comment_type%3Dreview

…which of course then redirects to the original link, once logged in successfully.

September 21, 2019 at 5:37 pm #27660

Suman M.
Post count: 12480

This reply has been marked as private.

September 22, 2019 at 12:59 am #27665

advantagen
Active
Post count: 14

Ok great, email sent, and no, I don’t use any redirect plugins. The login redirects are built into the theme itself.

I welcome your thoughts and hope we can get this worked out as I’d love to be able to continue using the plugin.

September 23, 2019 at 4:35 am #27684

Suman M.
Post count: 12480

This reply has been marked as private.

September 23, 2019 at 9:54 pm #27695

advantagen
Active
Post count: 14

This reply has been marked as private.

September 25, 2019 at 5:05 am #27707

Suman M.
Post count: 12480

This reply has been marked as private.

October 3, 2019 at 2:41 am #27808

advantagen
Active
Post count: 14

I reactivated HMWP, copied/pasted settings that I saved previously, saved them, and then un-checked the box for hiding wp-admin, logged out, and tried to click the same link again, only to find the ‘Page Not Found’ once again only this time the page was all messed up with broken formatting/CSS. In fact, I couldn’t even get logged in again until I deleted the plugin via SSH. I’m at my wits end with this thing and starting to regret ever purchasing it.

Any final advice before I give up altogether?

October 3, 2019 at 5:43 am #27817

Suman M.
Post count: 12480

Hi, that’s strange. Simply disabling “Hide Admin” option shall not cause such issue. May be that HMWP rules are not added in .htaccess file?
Please, activate the plugin, apply the settings (disable ‘Hide Admin’), add HMWP rules in htaccess file, clear cache if any.
Let us know. Thanks!
Author

Posts

Viewing 15 posts - 1 through 15 (of 15 total)

Save

You must be logged in to reply to this topic.

Attachments: