Image hotlink prevention excludes subdomains on multisite

  • Resolved Gone Fishin

    (@terryg-1)


    9 years, 2 months ago

    The image hotlink prevention feature keeps subdomain sites on multisite install from being able to properly display images used by plugins and even the WP core theme manager (theme thumbnails do not display).

    The syntax of the rewrite condition regex in the PREVENT_IMAGE_HOTLINKS section:
    “RewriteCond %{HTTP_REFERER} !^http(s)?://domain-name\.com”
    is the cause.

    I see that same syntax is used in the BLOCK_SPAMBOTS section, which would also block legitimate requests from commenters on subdomain sites.

    As a temporary fix, I have modified both regex expressions to:
    “RewriteCond %{HTTP_REFERER} !domain-name\.com”

    P.S. I don’t know if this is worthy of a separate thread, but AIOWPS always rewrites .htaccess placing its own code block at the very top. There are certain rules that I need to have at the very top, and thus whenever AIOWPS rewrites the file, it breaks certain functionality/integration of my site. IMO, once AIOWPS has established its code block (ie. at “# BEGIN/END All In One WP Security”), it should confine itself to rewriting only within that block and nowhere else.

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, there is a feature found under WP Security -> Firewall -> Custom Rules.

    This feature allows you to write your own custom settings for any option that writes the rules to the .htaccess file. What that means is that you don’t have to hack the code to make changes. All you have to is enable that feature in the plugin, copy the code added in the .htaccess file into the Custom Rules area. Disable that feature in the plugin and then edit the code to suit your needs.

    In regards to your second question above the plugin developers will look further into your suggestion.

    Thank you

    Plugin Contributor mbrsolution

    (@mbrsolution)

    I am marking this thread as resolved. No replies in 2 months.

    Thank you

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Image hotlink prevention excludes subdomains on multisite’ is closed to new replies.