5G Blacklist and image editing
-
Hi!
First let me congratulate you for the best security suite available to WordPress.
Sadly I had to disable 5G Blacklist firewall rules because otherwise I can’t edit images in WordPress. Searching the net for a solution I found this:Dave January 31, 2013 at 4:56 pm
A client discovered for me that the 5G (2013) Firewall interferes with the “Edit Image” tool bundled with WordPress:
Go to Media > Library, click on an image
Click Edit Image button
Click the Rotate button (for instance)
An error is displayed in red: “Could not load the preview image. Please reload the page and try again.”Through trial and error (me not being much of a regex or ajax guy), I found that modifying two lines of the 5G above fixes this:
1. Line 8, comment out or remove this line:
RewriteCond %{QUERY_STRING} (\”|%22).*(<|>|%3) [NC,OR]
2. Line 12, remove the ‘and’ from the string, so it becomes:
RewriteCond %{QUERY_STRING} (\;|\’|\”|%22).*(union|select|insert|drop|update|md5|benchmark|or|if) [NC,OR]
I’m sure those lines are useful, so hope 5G can be updated to allow Edit Image to work without giving up too much security ??
Regardless, thanks again for a brilliant piece of code for protecting our WP sites!
So the solution seems trivial and it would be great if you could review those lines and if the modifications don’t decrease the security significantly than if you incorporate the fix.
Regards,
Dawithhttps://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/
- The topic ‘5G Blacklist and image editing’ is closed to new replies.