Title: Htaccess modified again
Last modified: March 1, 2026

---

# Htaccess modified again

 *  Resolved [cousineddie](https://wordpress.org/support/users/cousineddie/)
 * (@cousineddie)
 * [3 months, 1 week ago](https://wordpress.org/support/topic/htaccess-modified-again/)
 * So I noticed my .htaccess file is often randomly modified (I suspect by AIB) 
   which results in none of my images loading anymore in the backend (eg WP editor),
   the AIB dashboard coming up with an AJAX timeout/connection error, my RankMath
   SEO analytics graphs no longer loading, Elementor editor no longer loading, etc.
   This has become commonplace to the point that I know I will again need to recreate
   my htaccess file to get everything working again (as I did again just now). I
   checked the AIB logs and noticed this event in the audit log just prior listed
   as severity ‘critical’:
 * fim_alert
 * { “message”: “File integrity changes detected”, “files”: [ “.htaccess (modified)”]}
 * Is it possible to get a permanent fix for this frustrating issue?
 * thanks
    -  This topic was modified 3 months, 1 week ago by [cousineddie](https://wordpress.org/support/users/cousineddie/).

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [3 months, 1 week ago](https://wordpress.org/support/topic/htaccess-modified-again/#post-18837514)
 * **Hi [@cousineddie](https://wordpress.org/support/users/cousineddie/),**
 * Thank you for reporting this in detail. What you are experiencing is an environment-
   specific conflict with the Server-Level Firewall (`.htaccess` protection) rules,
   not a random bug. Let me explain what the log means and how we can definitively
   fix it.
 * **1. About the Audit Log “fim_alert”:** The message `File integrity changes detected:.
   htaccess (modified)` simply means that our File Integrity Monitor detected that
   _something_ changed your `.htaccess` file. This could be our own plugin updating
   block rules, or another plugin (like a caching or SEO plugin) rewriting it.
 * **2. Why are things breaking?** When the `.htaccess` file gets updated and includes
   Advanced IP Blocker’s “Server-Level Firewall” rules, it seems your specific server
   environment (perhaps LiteSpeed, or an active ModSecurity rule on your hosting)
   is misinterpreting the security directives. This is causing your server to return“
   403 Forbidden” errors or block access to legitimate background files (like the
   JavaScript needed for Elementor, RankMath, or the WP Editor to load). Because
   the files get blocked at the server level, the browser throws AJAX/Connection
   errors.
 * **How to get a permanent fix (The diagnostic steps):**
 * First, to stop the immediate frustration and get your site working while we diagnose,
   please go to: `Security > Settings > General` and turn **OFF** the **“Server-
   Level Firewall (.htaccess)”** feature. This will immediately stop AIB from writing
   security rules to that file. We recommend using the “Cloud Edge Defense (Cloudflare)”
   feature instead, as it provides the same performance benefits without touching
   your server files.
 * If you _want_ to keep using the `.htaccess` firewall, we need your help to isolate
   exactly which rule is causing the conflict on your server. To do this, we need
   to see the exact errors your browser is encountering when the site “breaks”.
 * **Please follow these steps:**
    1. Turn the “Server-Level Firewall (.htaccess)” back ON (so the issue replicates).
    2. Go to your WordPress Dashboard (or the Elementor Editor where the issue occurs).
    3. Open your browser’s **Developer Tools Console**:
    4.  - **Windows/Linux:** Press `Ctrl + Shift + J` (Chrome) or `Ctrl + Shift + K`(
          Firefox).
        - **Mac:** Press `Cmd + Option + J` (Chrome) or `Cmd + Option + K` (Firefox).
    5. With that Console panel open, **force refresh** the page (`Ctrl + F5` or `Cmd
       + Shift + R`).
    6. Look at the Console tab. You will see several lines of error text (usually in
       red), indicating which files failed to load (e.g., _Failed to load resource:
       the server responded with a status of 403 Forbidden_).
    7. Please copy and paste those exact red error lines here.
 * Those errors will tell us exactly which file or API endpoint your server is blocking,
   allowing us to adjust the rules for environments like yours.
 * Standing by for your results!
 * Best regards.
 * Advanced IP Blocker Team
 *  Plugin Author [IniLerm](https://wordpress.org/support/users/inilerm/)
 * (@inilerm)
 * [3 months, 1 week ago](https://wordpress.org/support/topic/htaccess-modified-again/#post-18839308)
 * **Hi [@cousineddie](https://wordpress.org/support/users/cousineddie/),**
 * I’m following up on this issue since we haven’t heard back regarding the browser
   console log.
 * Because we haven’t been able to replicate this behavior on our test servers (
   where we also run Elementor, RankMath, and heavy backend editors without issues),
   I suspect this is a highly specific conflict related to how background requests(
   AJAX/REST API) are being handled or intercepted in your particular environment.
 * To help you resolve this quickly—and to leave this as a helpful guide for the
   community—here is a step-by-step troubleshooting process for when backend editors
   or analytics graphs fail to load:
 * **1. Isolate the Plugin’s Protections (Global Exclusions)** Sometimes, aggressive
   security settings can accidentally block internal WordPress processes (like the
   ones RankMath or the WP Editor use to fetch data). We have a feature designed
   specifically to prevent this. Please go to **Security > Settings > General** 
   and look for the **“Global URL Exclusions”** text box. Add the following lines(
   one per line):
 * /wp-admin/admin-ajax.php
   /wp-json//wp-json/rankmath//wp-json/elementor/
 * etc ..
 * _Why this works:_ This tells Advanced IP Blocker to completely bypass Rate Limiting,
   Signature Challenges, and 404/403 monitoring for these essential WordPress communication
   channels, which usually resolves AJAX timeouts instantly.
 * **2. Check your WAF and Honeypot Rules** If you have added custom rules to the**
   Web Application Firewall (WAF)** or the **Honeypot URLs**, double-check them.
   A broadly defined rule (for example, blocking any URL containing the word admin
   or api .. etc) might be unintentionally catching legitimate requests from your
   SEO plugins or the WordPress editor.
 * **3. Server-Level or Third-Party Conflicts** Since you mentioned your `.htaccess`
   file being continually modified, it’s worth noting that AIB only writes to `.
   htaccess` when a new threat is detected (if the Server-Level Firewall feature
   is enabled). However, if the AJAX timeouts persist even after adding the exclusions
   in Step 1, the block might be happening _before_ the request even reaches our
   plugin:
    - **Other Security Plugins:** Are you running another security plugin simultaneously?
      Two firewalls can often conflict.
    - **Cloudflare / Hosting WAF:** Check your Cloudflare Firewall Event logs or
      your hosting provider’s WAF logs (like ModSecurity). Very often, heavy AJAX
      requests containing HTML payloads (saving a post in an editor) are blocked
      by Cloudflare’s Managed Rules, resulting in the exact timeout errors you are
      seeing.
 * Please try adding the Global URL Exclusions mentioned in Step 1 first. If that
   resolves it, we know the issue was an overly aggressive setting. If it doesn’t,
   I highly recommend checking your Cloudflare/Server logs to see what is dropping
   the connection.
 * Let me know how it goes or if you need help analyzing any server logs!

Viewing 2 replies - 1 through 2 (of 2 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fhtaccess-modified-again%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/advanced-ip-blocker/assets/icon-256x256.png?rev=3320247)
 * [Advanced IP Blocker](https://wordpress.org/plugins/advanced-ip-blocker/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/advanced-ip-blocker/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/advanced-ip-blocker/)
 * [Active Topics](https://wordpress.org/support/plugin/advanced-ip-blocker/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/advanced-ip-blocker/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/advanced-ip-blocker/reviews/)

## Tags

 * [htaccess](https://wordpress.org/support/topic-tag/htaccess/)

 * 2 replies
 * 2 participants
 * Last reply from: [IniLerm](https://wordpress.org/support/users/inilerm/)
 * Last activity: [3 months, 1 week ago](https://wordpress.org/support/topic/htaccess-modified-again/#post-18839308)
 * Status: resolved