Installing WAM on WordPress

User 38401 Photo


Senior Advisor
10,951 posts

Hiya All,

Since I came across some difficulties using WAM on Wordpress I thought I'd share my recent findings with you after working with Scott all day yesterday to narrow down what was going on.

A default installation of Wordpress before adding or changing any Plugins, Widgets or Themes contains no .htaccess file. This file is the file that WAM either creates or appends to if one already exists. The difficulty I came across is that a few Plugins I was installing was creating an .htaccess file as well as code within it that negates the ability to use WAM. I'm sure many of the Plugins for Wordpress will change much over the years, but as of today 02/03/10 the 2 main ones that interfered were Light Social and User Lock. I'm sure there are many more out there that do a similar change or addition so here's what I did and what I'd suggest:

This will be a process of checks and balances guys, not a hard thing just a time consuming one so be prepared. But it worked for me to be able to track down what gets in the way and what doesn't for the WAM installation on Wordpress.

PLEASE READ THIS THROUGH PRIOR TO STARTING SO YOU UNDERSTAND FULLY HOW TO PROCEED
    1. Check your server to see if you have an .htaccess file already present and if so be sure to back this file up in case you need to refer to it or re-upload it. You may need to change your file & folder settings on your computer to allow you to see hidden system files in order to view this file. (see your windows version information about how to access these settings)

    2. Check to see what you are using currently that is actually utilizing the .htaccess file. If you're sure nothing is using it then delete it. If you are unsure, just make a copy of it as suggested in #1, and put it elsewhere for safe keeping for now. Do keep track of where you put it as you may need it again in this process.

    3. Install your Wordpress site as normal.

    4. Check to see if you have an .htaccess file after installation if you didn't have one already. Most likely there isn't one unless there was one there already. If there was one that you plan to leave in place, take note of the Date & Time last accessed.

    5. Install your WAM and be sure it's working prior to proceeding. If not then check to make sure the current .htaccess file is not causing it. To do this make sure you have it backed up, and then:
      a. Delete the .htaccess file.
      b. Re-upload your WAM files.
      c. Test the WAM and see if it works.
      d. If it works then you most likely already had a problem with the .htaccess file that was there prior to installing Wordpress which you'll need to look into. At this point I am unable to help you with this file as it had issues prior to the Wordpress install. Make a new post in the WAM forum section for assistance if needed.
      e. If it doesn't work then you have a problem with something other than the .htaccess settings and you can safely re-upload your .htaccess backup file back in place since it wasn't the problem.
      At this point you will need to track down what else is messing with WAM as it isn't the problem I'm outlining in here. Make a new post in the WAM forum section for assistance if needed.

    6. If you've determined that WAM is working as it should continue with the following steps.

    7. Install your first plugin.

    8. Check your .htaccess file time and date and see if it has changed. (keep in mind you need to refresh your server to see the changes of date and time)

    9. If it has changed, I would suggest you uninstall that Plugin, and re-upload the .htaccess file that you have copied for safe keeping and overwrite the one there. This will remove the changes the Plugin has made to the file.

    10. Install the next Plugin and repeat step #'s 8 & 9. Continue on this way as you go through the Plugins when you install them. Keep this practice when you install new Plugins at any time so you don't lose your WAM functionality on your server.

If you have knowledge of the .htaccess file, of course, do whatever you are able to then to check that code to see what it changed. I suggest the removal of the Plugin and the re-upload of the .htaccess file for those that are not experienced with the .htaccess file such as myself.

These are the steps I took and will continue taking to insure that my WAM program works as it has some great features that really add security to my servers. I hope I explained my process well and please don't hesitate to ask questions and I'll do my best to try to answer them. I'm not real familiar with the .htaccess file so that's why I posted this to let people know about the issue and address it from a laymen's view of these files, but if I can help find the problem I will surely do so.

**NOTE**
Always backup your .htaccess file prior to adding new Plugins if you do so after you've done the above just in case any changes were made that you aren't aware of between installations.

Plugins that seem to interfere are possibly those that change access rights, hence why User Lock changed it since it is a Plugin that blocks the user from logging in if they have tried their password 5 times and failed. I am unsure why the section that the Light Social added gets in the way. It's a Plugin that adds just a bar of social network sharing buttons under the blogs. If I find out more about why that might be a problem I'll post it here.
User 597929 Photo


Registered User
1,332 posts

Something related that I actually only fixed today with my own Wordpress installation (timely, no?):

In my server error logs I was getting an error every time someone (including me) accessed the blog:

(13)Permission denied: /home/(userID)/public_html/(Blog Folder)/wp-content/themes/(Theme Name)/css/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable


There's no .htaccess file in there, nor should there be. Took me a while to figure out the problem was the theme I'd installed set the css directory's permissions to 766 when they need to be 755. A quick chmod and the error message went away. Some Googling showed this is a fairly common problem so I figured I'd pass that along.
"You can't be a real country unless you have a beer and an airline - it helps if you have some kind of a football team, or some nuclear weapons, but at the very least you need a beer." -- Frank Zappa

Visit Spinland Studios: http://www.spinland.biz
User 2054918 Photo


Registered User
11 posts

just a little info. Once you set up pretty permalinks you will have a htaccess file on your wp install making this a bit more difficult so far for me at least.

I've got the wam working but the wordpress image uploader when writing a post or a page will stall and ask for a password that does nothing when one is entered

No plugins at all installed so no conflict there
User 2054918 Photo


Registered User
11 posts

I did get it to work first by giving my wordpress install its own directory then setting up wam in another subfolder.

I realize this will not help most people but I only needed to protect some files located away from the wordpress install

Here is how to give to "WordPress its Own Directory While Leaving Your Blog in the Root Directory" anyone is interested. I just started the site so I was not worried about broken links etc.

http://codex.wordpress.org/Giving_WordP … _Directory

Yup, I second what was said above... always and frequently make backups of everything before changing anything.
User 597929 Photo


Registered User
1,332 posts

I actually do have an .htaccess in the root folder of my blog, because it opens directly off the root of my main web site which is managed by WAM. Hasn't caused any problems to date, but I don't seem to be using any problematic plug-ins. The error in the log I referened tends to be pretty specific to the css sub-folder in some installed themes, where you're generally not going to be seeing .htaccess (which makes the error message pretty confusing).
"You can't be a real country unless you have a beer and an airline - it helps if you have some kind of a football team, or some nuclear weapons, but at the very least you need a beer." -- Frank Zappa

Visit Spinland Studios: http://www.spinland.biz
User 38401 Photo


Senior Advisor
10,951 posts

Yeah, my blog is installed directly into my root folder of my personal site also. I'm pretty sure though that the .htaccess file was created by the plugin though as I tried the same thing on an off domain that I use for messin' around with code and such and it didn't create one even in the default root directory. Definitely a plugin/theme problem. And I have heard that there are definitely themes that do this also.

I too have pretty permalinks turned on and I actually thought that might be one of the culprits too, but ....
After I uninstalled all plugins, removed the htaccess files completely, reuploaded WAM so all was working and then re-installed the plugins one at a time while checking the htaccess file... nothing happened or changed and pretty permalinks still works without having any problems with the htaccess changing back or WAM not working. Now it definitely could be that PPL put some code in the htaccess file originally, but apparently it doesn't need it to work, cuz it's not in the file now and PPL is still working, go figure.
User 562592 Photo


Registered User
2,038 posts

I am thinking about Purchasing WAM. However, I have a question for those who already use the program and have access to a server. I use server protected passwords, but I don't like the fact that I can't link it to a sign in and password box. A username and password box popups in the same window requesting username and password. Is the server protected password protection any better or worse than WAM? Should I get WAM or stay with server generated password protection?
The philosopher has not done philosophy until he has acted upon the mere conviction of his idea; for proof of the theory is in the act, not the idea.

My Web Development Company: http://www.innovatewebdevelopment.com (Created with Coffee Cup Software).

My Personal Website: http://www.EricSEnglish.com

User 597929 Photo


Registered User
1,332 posts

What sort of server-protected password system does your host use? The built-in server protection my host provider uses is .htaccess control, which is the same system WAM uses.
"You can't be a real country unless you have a beer and an airline - it helps if you have some kind of a football team, or some nuclear weapons, but at the very least you need a beer." -- Frank Zappa

Visit Spinland Studios: http://www.spinland.biz
User 562592 Photo


Registered User
2,038 posts

yea, its .htacess. But, i notice you have WAM, so why do you use that instead of your built in server protection?
The philosopher has not done philosophy until he has acted upon the mere conviction of his idea; for proof of the theory is in the act, not the idea.

My Web Development Company: http://www.innovatewebdevelopment.com (Created with Coffee Cup Software).

My Personal Website: http://www.EricSEnglish.com

User 38401 Photo


Senior Advisor
10,951 posts

If you have a server that already offers this protection then you really don't need WAM. I don't either for that matter but I like using software instead of server side programs because I can always take my settings with me wherever I go, whereas if you have so many things server side you can't do that so easily. That's one of my main reasons for loving the SCC since I can take that with me no matter what server I'm using. Makes it super versatile lol.

It's a preference as far as WAM goes though Eric so it's up to you, but for necessity's sake, no, you don't "need" it if you have it already with your server.

Have something to add? We’d love to hear it!
You must have an account to participate. Please Sign In Here, then join the conversation.