Restrict PHP whitelist

  • Resolved Jason Chong

    (@dantianhealth)


    5 years, 11 months ago

    I am wanting to enable the discuz ajax function for article rating.
    It does not function due to a rule in .htaccess as below

    # Restrict Access to Theme and Plugins PHP Files
    RewriteRule wp-content/plugins/(.*\.php)$ – [R=404,L]

    I have attempted to whitelist the wpdiscuz by

    RewriteCond %{REQUEST_URI} !^/wp-content/plugins/wpdiscuz/utils/ajax/wpdiscuz-ajax\.php
    RewriteCond %{REQUEST_URI} !^/wp-content/plugins/wpdiscuz/utils/ajax/
    RewriteRule wp-content/plugins/(.*\.php)$ – [R=404,L]

    This is not working and I suspect I am missing something.
    When I try to save a rating it looks like ajax but it does not save the rating. Is there another php file that needs whitelisting to allow this to function?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support gVectors Support

    (@gvectorssupportmember)

    5 years, 10 months ago

    Hi @dantianhealth,

    Please leave the example URL.

    Thread Starter Jason Chong

    (@dantianhealth)

    5 years, 10 months ago

    Hi
    I found an issue with my whitelist code.
    I utilised this and it seems to work

    RewriteCond %{REQUEST_URI} !/wp-content/plugins/wpdiscuz/utils/ajax/wpdiscuz-ajax.php
    RewriteRule wp-content/plugins/(.*\.php)$ – [R=404,L]

    Hopefully someone else finds that useful if working to secure their site

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Restrict PHP whitelist’ is closed to new replies.