How to Install and Uninstall Astra Website Protection without a plugin in PHP sites (manually)
Congratulations on signing up for Astra Website Protection. Astra works with all PHP based websites, and this guide walks you through the process of installing & uninstalling Astra Website Protection plugin on PHP based websites without a plugin. Before we get started, please ensure your server meets the minimum system requirements.
After purchasing Astra Website Protection, login to the Dashboard
Navigate to the Website Protection page & click on the Complete Setup button
Complete the details in the Getting Started workflow as follows:
Enter the Full Website URL where you will install the plugin. For eg: https://www.getastra.com/blog
Enter a short nickname which will be displayed instead of the entire website URL
Select PHP as your website technology
Go to the next step, and click on the Download button to download the security engine
Click on the Show Activation Code button & copy the code to your clipboard
From the Astra Dashboard, also download the installer by clicking on Download PHP Installer
Now open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
Upload the files to the root of your website (public folder): getastra-vX.Y.Z.zip & astraInstaller.php
In your Web Browser, visit the astraInstaller.php URL. For example, example.com/astraInstaller.php
Follow the steps given in the screen to complete the installation
Open the Activation page either from the link in the Astra dashboard, or the installer. For example: example.com?astraRoute=api/login
If the Activation page does not open for you at the URL, it is possible that your server does not support the .user.ini file. Read this guide to fix this.
Enter the Activation Code which had copied from the dashboard
🎉 You've just successfully installed Astra Website Protection on your PHP based website
If you've installed the plugin on your PHP based website once and want to reinstall it, this guide is for you:
Navigate to the Settings page of the website in your Astra Dashboard
Scroll down and click on Re-install Astra button
Select PHP in the platform dropdown, and Download the ZIP
Now open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
If the getastra-premium folder does not exist on your server, follow the instruction in Step 2 - Extract the Astra ZIP on your server using the Installer mentioned above
Now visit the Activation page URL as shown in the dashboard. For example: example.com?astraRoute=api/login
If you are reinstalling on the same server then your plugin might already be activated, and no further action is required
If you see a button titled Enter Activation Key then you need to copy the Activation code from the dashboard and enter it here
Open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
Create a phpinfo page on your server
Search for the string auto_prepend_file in the phpinfo page contents
If the value in this field is empty, or does not have a path which contains getastra-premium/autoload.php then it means that Astra Website Protection is not installed on your site and you can skip the following steps
[Important] Now we need to remove the auto_prepend_file configuration, before deleting the getastra-premium folder
The auto_prepend_file configuration can be present in any one or many of the following files. Please make a copy of the file before removing the auto_prepend_file value. The actual path to the autoload.php file will vary server to server.
After you've removed the code, or commented it out - refresh the phpinfo page and check the auto_prepend_file value. You may have to restart your Apache/Nginx for the changes to take effect.
Once you've verified that the value is no longer set - delete the getastra-premium folder from your server to complete the uninstall
It is important to remove auto_prepend_file config before deleting the getastra-premium folder. Otherwise your website may encounter HTTP 500 errors due to server limitations.
How to Install Website Protection without a plugin
Step 1 - Download the Astra Website Protection ZIP
After purchasing Astra Website Protection, login to the Dashboard
Navigate to the Website Protection page & click on the Complete Setup button
Complete the details in the Getting Started workflow as follows:
Enter the Full Website URL where you will install the plugin. For eg: https://www.getastra.com/blog
Enter a short nickname which will be displayed instead of the entire website URL
Select PHP as your website technology
Go to the next step, and click on the Download button to download the security engine
Click on the Show Activation Code button & copy the code to your clipboard
Step 2 - Extract the Astra ZIP on your server using the Installer
From the Astra Dashboard, also download the installer by clicking on Download PHP Installer
Now open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
Upload the files to the root of your website (public folder): getastra-vX.Y.Z.zip & astraInstaller.php
In your Web Browser, visit the astraInstaller.php URL. For example, example.com/astraInstaller.php
Follow the steps given in the screen to complete the installation
Step 3 - Enter Activation Code
Open the Activation page either from the link in the Astra dashboard, or the installer. For example: example.com?astraRoute=api/login
If the Activation page does not open for you at the URL, it is possible that your server does not support the .user.ini file. Read this guide to fix this.
Enter the Activation Code which had copied from the dashboard
🎉 You've just successfully installed Astra Website Protection on your PHP based website
How to Reinstall Website Protection without a plugin
If you've installed the plugin on your PHP based website once and want to reinstall it, this guide is for you:
Navigate to the Settings page of the website in your Astra Dashboard
Scroll down and click on Re-install Astra button
Select PHP in the platform dropdown, and Download the ZIP
Now open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
If the getastra-premium folder does not exist on your server, follow the instruction in Step 2 - Extract the Astra ZIP on your server using the Installer mentioned above
Now visit the Activation page URL as shown in the dashboard. For example: example.com?astraRoute=api/login
If you are reinstalling on the same server then your plugin might already be activated, and no further action is required
If you see a button titled Enter Activation Key then you need to copy the Activation code from the dashboard and enter it here
How to Uninstall Website Protection without a plugin
Open the File Manger in your Hosting Panel, or connect to it via SSH or (s)FTP
Create a phpinfo page on your server
Search for the string auto_prepend_file in the phpinfo page contents
If the value in this field is empty, or does not have a path which contains getastra-premium/autoload.php then it means that Astra Website Protection is not installed on your site and you can skip the following steps
[Important] Now we need to remove the auto_prepend_file configuration, before deleting the getastra-premium folder
The auto_prepend_file configuration can be present in any one or many of the following files. Please make a copy of the file before removing the auto_prepend_file value. The actual path to the autoload.php file will vary server to server.
| File | Code Snippet to Remove | Notes |
|---|---|---|
| .htaccess | php_value auto_prepend_file /var/www/html/getastra-premium/autoload.php | Comment it out by changing php_value to #php_value |
| .user.ini | auto_prepend_file = /var/www/html/getastra-premium/autoload.php | Comment it out by changing auto_prepend_file to ;auto_prepend_file |
| php.ini | auto_prepend_file = /var/www/html/getastra-premium/autoload.php | Comment it out by changing auto_prepend_file to ;auto_prepend_file |
After you've removed the code, or commented it out - refresh the phpinfo page and check the auto_prepend_file value. You may have to restart your Apache/Nginx for the changes to take effect.
Once you've verified that the value is no longer set - delete the getastra-premium folder from your server to complete the uninstall
It is important to remove auto_prepend_file config before deleting the getastra-premium folder. Otherwise your website may encounter HTTP 500 errors due to server limitations.
Updated on: 29/05/2022
Thank you!