Clook’s Improved WordPress Setup – Good For Everyone Else, Shit For Me!
Affiliate Annoyances, Wordpress Add commentsA few times recently I’ve awoken to discover that one of my main sites, Lingerie Brands, has been down for several hours thanks to a corrupted .htaccess file. After taking a bit of advice I changed the permissions on my file to make sure it could not be written to. A week or two of uninterrupted traffic and I relaxed thinking all was well again.
Imagine my horror this morning though when I awoke and discovered a mail from my friend Lee telling me the site had been down all day. I logged into my FTP account and sure enough, the .htaccess file had been altered – again. The addition of a single “s” after all the wordpress stuff had knocked my entire site over.
So Who’s Been Dicking Around With My Damned Site??!!!
Well, as it transpires my issue is all thanks to a technology improvement at Clook. One of their support chaps informed me that
“We’ve recently changed the PHP setup slightly which makes scripts like WordPress, Joomla etc. run better as it gives them better permissions on the files. However it looks like your wordpress installation is now able to write to the .htaccess and its writing to it incorrectly”
At this point I was relatively unconcerned, after all wouldn’t Clook be able to sort this issue out for me by pushing their magic techie type buttons just like they always do?
Ummm… Apparently Not!
I was then asked if any of my plugins controlled the .htaccess file (there’s nothing I use that directly says it alters it) so I suggested one which dealt with redirects which was only on LB and one other low traffic site and therefore could be the culprit. Clook responded with
“I would definitely check into that first plugin, especially since it’s only installed on the one site. Since it does manage redirections, it could very well be the culprit. Please let us know what you find.”
I was unable to work out from the code if anything in there might be the villan of this piece but then I’m no programmer, so given that their new setup is clearly causing issues in some scenarios I felt certain they’d want to confirm or deny if that particular plugin could be causing the issue so they could perhaps gain insight for future situations. They were certainly interested enough to ask me to tell them about it.
Alas, “Unfortunately such coding issues are beyond our scope of support.”
Ah. OK then. I suppose they have to draw the line somewhere.
So It’s All Down To A Process of Elimination
Basically, this issue is likely to be down to a plugin performing wicked deeds somewhere. So all that Clook can suggest is a process of elimination. I switch off plugins I think might be causing the issue and wait to see if it happens again.
I find this sort of situation immensely frustrating. I can’t find out what is causing it because I have to wait for it to happen again (if my plugin purge doesn’t fix it), and I can’t stop it from happening again because of the new and improved write access. Perplexed I asked Clook if their new setup was changing file permissions and they told me that in fact
“Our changes don’t make it so that WordPress can modify the permissions on a file, but rather so that it can modify necessary files without you first having to change permissions.
This is noticeable when you try to make changes to a theme. Before the upgrade, you would have to individually modify the permissions on any files (header, footer, etc) before you could make changes to them, then you’d have to change the permissions back. Now that is not necessary.”
Well That’s Quite Good Isn’t It?
Quite a good, convenient change for most Clook users (they did say most people were very happy when I casually mentioned how I personally thought it was shit!). Also, it probably prevents the odd scenario where forgetful people change the permissions to “Yeah baby overwrite me!” and then forget to change them back, subsequently resulting in website hackage and general unhappiness all round.
It’ll also make the whole WordPress setup / customisation process easier.
Do I Like It?
Frankly no, I don’t like it one little bit. I hate the fact that I have handed control of my .htaccess files in particular to WordPress which can sometimes behave in unexpected and unstable ways thanks to its “aggregate” nature, which often results in conflicts. I don’t like that I now have an issue on a rather large site that I can exert no control over whatsoever. Honestly, I feel like an ancient occupant of Troy who has just wheeled in a rather attractive and unexpected garden ornament that’s just convieniently big enough to hold an entire murderous army and retired to bed for the evening. It’s only a matter of time!
It just seems nonsensical that I know where the issue comes from, how it can be stopped, and I simply can’t protect my file from it.
Ah Well, I Needed To Sort Out Uptime Monitoring Anyway
One reason this has been so damaging is that it’s tending to happen when I’m asleep here in Australia. This means the site has been down for an entire UK workday twice now, and I think there have been 2 or 3 other shorter outages which I’ve caught before too much damage was done. Lingerie Brands has gotten to a size where it probably should be monitored, so at least this situation means I’ll stop procrastinating and get it all sorted out. It will mean I’ll probably get woken up at some ungodly hour of the morning if (when) it happens again and will be incredibly grumpy the next time I contact Clook about it.
I did enquire if they might consider adding an opt out sort of system but was told they’ve applied it over all servers for consistency. If I want a customised setup I’ll need to pay for one.
Would I Still Recommend Clook?
Hmmm… I do still really rate their service. Despite me being severely pissed off about this issue I was still very impressed with their support which was prompt, curteous, and as helpful as they could be within the constraints of their role. However, I am deeply uncomfortable about not being able to prevent files I want protecting being overwritten. It just doesn’t feel right and I feel as if my control over my sites has been compromised.
Still, I certainly won’t be moving my site elsewhere so the fact I’m prepared to work through this issue rather than jumping ship must mean I still love them really. Only time will tell if continuing to use them is sustainable.
Now… Who Owes me a Favour?
I’m off to find some technically able type to look at the code of my suspect plugin to see if it is indeed the culprit. I certainly hope so, there’s nothing else I’m using that should be dicking about with the .htaccess file, but it’s always so hard to tell with WordPress!
May 19th, 2010 at 9:52 am
Couldnt you add a few extra NS records pointing to a different host. It would mean keeping them both up to date (there is software to autosync every x hours), it would mean that it for whatever reason your main host was down it would fail over to the second. Its a similar sort of setup to what we had at the ecommerce company I used to work at, we had 3 dedicated servers spread throughout the country.
It wont fix your problem, but it would stop your sites ever appearing to be down (unless BOTH servers were down).
If it was my sole source of income I would definately have this sort of system in place.
May 19th, 2010 at 10:13 am
See, that’s why I’m not a tech Shane… It’d never have struck me I could do that sort of thing. I just get my head down and get on with the marketing, LOL.
Good point, and one I should look into as all of my sites grow. It’s not as if hosting is that expensive compared with the cost of running two hosts.
May 19th, 2010 at 10:20 am
P.S. I’ve not got uptime monitoring sorted. I’ll get an annoying text if the site falls over when I’m asleep!
May 19th, 2010 at 10:43 am
Is this on Linux servers, if so you should still be able to remove the permissions on the .htaccess file, I cannot imagine that they have given php high enough permissions that they cannot be overridden by chaning the owner / group or permissions on the file… if its windows then I guess your stuffed.
May 19th, 2010 at 5:24 pm
Presumably this is a shared server? If you want to stop people d!cking around then really you need your own.
May 21st, 2010 at 7:08 am
I can recommend TSOHost as a host if you do decide to go the multiple host route – service, customer services and price are all amazing. Im sure one of the guys over there could help you out with the software to sync them as well. Take a look at their Clustered grid hosting. They do a decent affiliate scheme as well, 33% recurring if I remember correctly.
May 21st, 2010 at 8:49 am
Having the htaccess available to write to is not a problem. When you change for instance your permalink structure it needs to be writable as it’s done inside the htaccess file. So the problem is realy not the fact that your htaccess is writable and Cook is not to blame about that fact.
The addition of a single s to all your wordpress stuff is strange and can only be because of a setting inside your site which up untill now was undetected as the htaccess file was not writable or an intentional hack. A plugin does not go out and for the fun of it adds a s to everything where it is not supposed to.
So my guess is look at the settings and see if you can pinpoint the problem there or have someone look into the fact if it’s not a hacker that is buging you
Edwin
May 21st, 2010 at 3:49 pm
All my Clook Wp sites are working fine. I doubt its clooks fault and they are not really responsible for the code you choose to install.
May 22nd, 2010 at 12:10 am
Edwin & Andrea – NOWHERE in this post have I blamed Clook for this situation. I’m very much aware this problem originates with some sort of conflict caused by one of my plugins.
If the pair of you can take time to actually read this entire post properly you will see that I’m quite clearly stating that it is a good technology update but for me personally it is causing problems because of this problem I can’t get to the bottom of.
The point of the post is not to blame Clook, the point of the post is to show the frustrating situation I’m in where I know the issue is coming from something in my setup that re-writes the .htaccess file – and I can’t stop that from happening whilst I try to work out what in hells name is doing it.
I’m not at all comfortable with my .htacess file being writable in this way because of how much control it can exert over a site. The nature of WP means things can go wrong with installed plugins after several weeks of smooth running – usually right at the point you choose to go on a well earned vacation and promise your other half faithfully you won’t spend half your time on a laptop.
May 22nd, 2010 at 12:55 am
Kristy,
The part where you say “Would I Still Recommend Clook?
Hmmm… I do still really rate their service. ” etcetc did made me think you feel like it’s Clook’s fault while like I will say again this has nothing to do with that. It’s not even the fault of your htaccess file being writable and you feeling uncomftable with it.
I can also almost guerentee that it’s not a plugin that is adding random s’s to your htaccess file. A plugin does not go out and think well let’s today try something new and mess Kristy’s htaccess file up by adding a few ‘s somewhere. Like I said it must be a setting that is causing it which then triggers that plugin or you seriously need to look into the option of being hacked.
May 22nd, 2010 at 2:07 am
Hi Edwin,
Given my current situation I think it’s perfectly legitimate for me to be uncomfortable the file can’t be protected from overwriting. I’m blinking well stressed out about this mysterious malady that’s plaguing my site every 10 days or so.
The site is not being hacked, I had Clook check into that. They confirmed this was an issue within WordPress.
You’re right plugins don’t just decide to mess things up, but sometimes they just do!
May 22nd, 2010 at 2:11 am
Oh incidentally, my research into this situation has turned up it’s fairly common for people’s sites to be knocked over by WordPress corrupting the .htaccess file for one reason or another.
The suggested fix? Write protect your .htaccess file, very frustrating LOL
May 22nd, 2010 at 8:15 am
I was trying to help pinpoint the problem.
Why can’t you go in with FTP and set the file to write protect again? Is Clook doing a daily update and changing everything to unprotected again as that would be strange.
May 22nd, 2010 at 8:39 am
The new functionality means it doesn’t matter what write protection you have on your files… they will be altered anyway. This is absolutely great for the functionality of WordPress as it means people’s setups can do all the wonderful automated things it’s designed to without the need to change file permissions. i.e. today I was able to update wordpress on the blog here at the touch of a button, which was previously a pain in the ass task. Brilliant.
Alas in my case it also means I will need to go through my entire set up with a fine tooth comb trying to find what the issue is as I can’t simply go down the write protection route to solve the issue.
I’m not at all technical so I will have to hire someone to go through the whole site. I don’t really mind this *too* much though as we need to hire someone anyhow to help us redevelop the site and smooth out a few lumps and bumps that have come up as the site’s evolved.
May 24th, 2010 at 9:38 am
Kirsty,
If you need any help, please feel free to contact me. I’ve been a loyal lurker for quite a while. I’d be happy to repay all the knowledge I’ve sucked up by reading your posts with some assistance wherever I can help. You say you’re not a coder… well, I am. Let me know what I can do. Feel free to contact me via email. Cheers.
August 12th, 2010 at 9:22 pm
Kirsty,
I think you have the wrong impression about your .htaccess file, it can be written to with it’s default permissions, however the file can still be set to read only with the permissions of 0444. Hope that helps in the future!
August 13th, 2010 at 7:07 am
Why many thanks “helpful friend”! Wish someone at Clook could have told me that during my many “no are you absolutely serious there’s nothing I can do?” Type e-mails.
Really appreciate you dropping a line to let me know. The problem hasn’t re-manifested so I think perhaps the last WordPress update fixed the issue. Will change the permissions though – just in case.