Problems with subdirectory install

  • Hello,

    On most of my projects I’m using subdirectory install. Basically that means that my website home_url is https://www.example.com, but site_url is https://www.example.com/wordpress.

    Recently, I discovered that some of the rules written by AIOWPS plugin into .htaccess file seem not to expect such setup. Namely, all rules that employs %{HTTP_REFERER} have their value set to site_url.

    For example, firewall rule that prevents image hotlinking is following: RewriteCond %{HTTP_REFERER} !^https://www.example.com/wordpress [NC]
    But as such it evaluates to true also for legitimate visitors of the site, because their referer starts with https://www.example.com, but rarely with https://www.example.com/wordpress (this holds only when they come from admin dashboard).

    Can you confirm the issue? I’m using the recent version of the AIOWPS plugin. Would be nice to have it fixed, now I have to remember to manually edit .htaccess file whenever I make changes to AIOWPS or remember which features not to use ?? I think just using home_url instead of site_url for referer check should solve this problem.

    Best regards,
    ?eslav

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 6 replies - 1 through 6 (of 6 total)
Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Problems with subdirectory install’ is closed to new replies.