Setting up a BadgeOS Site

This is a working page for setting up a badge-issuing website.

There were a few things I tripped over that may save you some time setting up your own site.

First, a few highlights:

  • Running LAMP on a home server.
  • WordPress and the 2017 theme.
  • HTTPS protocol for security.
  • BadgeOS for the badging system.
  • BuddyPress for social forum and membership registration.
  • Social Login to allow logging in using your Facebook, Twitter, or other accounts.

Issues Uncovered and Solved

Unrecognized URLs from BuddyPress

I ran into a problem where the /member, /register and other BuddyPress URLs weren’t being recognized.  The underlying cause was an inability to create or modify the .htaccess file which allows WordPress — and particularly BuddyPress — from controlling it’s own re-write rules that allow handling the URLs it would like to define.

.htaccess is a weak spot within WordPress. Being careless with this file can lead to hijacking your server.


The discussion in this forum touches on several of the pieces which must be in place:

  • Allow anyone to register (this is turned off by default for single-site installations of WordPress).
  • BuddyPress doesn’t work if you install WordPress in its own directory.
  • mod_rewrite must be enabled within Apache.
  • The DirectoryRoot in Apache must have permissions that allow overriding the FileInfo and Options directives.
  • The .htaccess file must be writable by the Apache process.

We’ll go into each of these below.

Allow Registration Setting

WordPress Install Location


Apache must be installed with the mod_rewrite enabled.  This tripped up others who experienced this same problem, but there is more than one cause.

mod_rewrite can be checked by running a .php page containing phpinfo(); and looking for the installed modules.

Directory Root settings


The .htaccess file may not exist until it needs to be created. For this reason, a search of the website’s DirectoryRoot may not turn up any .htaccess files.

Also note that .htaccess — by virtue of the name starting with a dot ‘.’ — is a hidden file.  FTP clients generally ignore hidden files unless you force them to display the files.

One way to force the creation of an .htaccess file — to test if Apache/WordPress have permissions to create and write the file — is to save changes to the Perma Links. Permalinks are essentially URLs that will be rewritten into a common format, so a change will force the creation of the re-write rules: .htaccess.

Leave a Reply

Your email address will not be published. Required fields are marked *