Default user avatar not loading anymore

Check your BPS Security Log for errors and post ONLY any errors that are directly related to the Gravatar/Avatar plugin(s).

Ok next do these steps.

1. Make a backup of your .htaccess files using BulletProof Security built-in Backup.
2. Activate Default Mode on the Security Modes page.
3. Use the Delete wp-admin .htaccess feature on the Security Modes page.
4. Test your plugin or theme. If the problem is still occurring then the problem is not related to BPS.
5. Restore your .htaccess files using BulletProof Security built-in Restore.

If the problem goes away after doing step 4 then BPS is blocking something that the plugin or theme is doing. Once you have confirmed this then these 2 plugins will be tested and a solution will be posted here.

Deactivating the BPS plugin only deactivates the BPS plugin itself and does not do anything else that would affect anything else. BPS is designed with the built-in troubleshooting tools instead as mentioned above to take BPS out of the equation for testing and troubleshooting. There may be some other issue/factor occurring that we are not aware of so these plugins will be tested to see if this is the case. The test results will be posted back here.

hmm yep that Query string is missing something. Where is the rest of the Query string? Query strings should look like this: default-user-avatar-not-loading-anymore?replies=7#post-4170710

The question mark in URL’s means a Query string starts here and then the parameters of the Query string follow the question mark.

Will be testing this plugin shortly.

You could probably whitelist the avatar.png file by adding it as shown below.

# TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
# Only Allow Internal File Requests From Your Website
# To Allow Additional Websites Access to a File Use [OR] as shown below.
# RewriteCond %{HTTP_REFERER} ^.*YourWebsite.com.* [OR]
# RewriteCond %{HTTP_REFERER} ^.*AnotherWebsite.com.*
RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
RewriteRule .* index.php [F,L]
RewriteCond %{REQUEST_URI} (avatar\.png|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
RewriteCond %{HTTP_REFERER} ^.*example.com.*
RewriteRule . - [S=1]

For the Default Gravatar Sans plugin I do not understand what this plugin author is trying to do with the question mark. It does not make any logical sense for it to be there. Just delete them. My hunch is that this was never completed and forgotten about.

function local_default_avatar( $url )
	{
		if( $option = get_option( 'raoh_CustomDefaultAvatar') )
			$url = $option['url'];

		return $url . '?';
	}

or here

if ( 'blank' == $default )
			$default = includes_url('images/blank.gif') . '?';

Ah never mind I see what you are trying to do with both plugins. Allow users to upload their own avatar. Ok well by just making the code changes to the Default Gravatar Sans plugin then everything works fine.