Riddling with WordPress permalink setup issues

WordPress is by far one of the best blogging platforms because of its easiness to use, easily available plug-ins and moreover the open source availability. I would later write an article on setting up a WordPress blog for free on a free aws instance.

Now lets move on to the topic.

What are permalinks?

A permalink as the name suggests is a permanent link or a permanent url to your blogs and posts. You can observe the url bar while reading this post. Here is the permalink of this post. WordPress allows us to customize the format of permalinks. You can do this on wp-admin: Settings>Permalinks.

What happens when you change the permalink settings?

When the permalink format is changed your path settings will also be changed. For example I changed my settings from Month and Name to Post name. That means Initially this post’s permalink was and now it is being changed to

So this change of settings should be informed to the server. Otherwise the server won’t understand where to look for the particular post. Ideally WordPress will tell the server to make necessary changes while we are saving the new permalink setting by writing it to a .htaccess file. This can be viewed by logging into your server and go the directory containing WordPress installation.

$ cd /var/www/html/

Now use your favorite commandline text editor to open the .htaccess file

$ nano .htaccess

If everything went well, you have successfully changed your site’s permalink.

Why am I getting a 404 error after changing the permalink settings?

I came across this error and I was totally out of ideas why this is happening. After a little research I have found the solution. Basically 404 error happens because of 2 reasons.

  1. WordPress didn’t generate a .htaccess file for you. This is highly unlikely. You can check if there exist an htaccess file in your WordPress home directory as shown above. If it is not there create one:

    $ sudo nano /var/www/html/.htaccess
    and copy paste the below to it# BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule># END WordPressPress ctrl+x and press y to save the file. And restart apache by

    $ sudo service apache2 restart

  2. The generated htaccess file is not being followed by server

    This was the mistake I came across with. You need to tell apache explicitly to follow the .htaccess file. You can do this by editing the apache2.conf file. If you are on Ubuntu,

    $sudo nano /etc/apache2/apache.conf

    Scroll down to the line <Directory /var/www/>
    By default it will be:

    <Directory /var/www/>

    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
    </Directory>change the value of AllowOverride to All so now it becomes:

    <Directory /var/www/>

    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    </Directory>Press ctrl+x and press y to save the configuration file. In order to make this changes to server first enable the mod_rewrite by.

    $ sudo a2enmod rewrite
    And then restart the server

    $ sudo service apache2 restart


Leave a Comment

View Comments

Recent Posts

How to migrate from LastPass to Bitwarden

As a LastPass user, you might have noticed the changes introduced last day. The message… Read More

2 years ago

Amazon AWS network security checklist

This post presents with a few bunches of AWS network security checklist. It is basically… Read More

3 years ago

The long curated web security checklist based on OWASP

What is this web security checklist? Here is a curated web security checklist for developers… Read More

3 years ago

Penetration Testing for dummies – Part 3: Networking basics

In the last part of the blog series we have seen the history of internet… Read More

4 years ago

Penetration Testing for dummies – Part 2: Understanding web applications

Welcome back budding pen-testers. :) In the first part of the blog series we have… Read More

4 years ago

How to enable SSH on Google Cloud Compute Engine

Last day I was riddling with Evilginx, a phishing attack tool. It needs to be… Read More

4 years ago