Firewall|Custom Rules – bug when pasting text with escaped characters

  • Resolved aldemarcalazans

    (@aldemarcalazans)


    8 years, 7 months ago

    I noticed that, if I paste a .htaccess rule with escaped characters in the text field of “Custom Rules”, after clicking the “Save the Custom Rules” button the escaped characters are transformed in “twice escaped characters”. Example: for the .htaccess rule below

    RewriteCond %{REMOTE_ADDR} !^192\.168\.

    If I paste this rule it the text field and then save it, the resulting .htaccess text will be:

    RewriteCond %{REMOTE_ADDR} !^192\\.168\\.

    Notice that was inserted a second backslash beside the original one. This is enough to turn the rule invalid, and block the access to the site, in some cases.

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    Ok thanks for pointing this out.
    I will apply a fix for the next release.

    I’m entering just to report this problem too, when I found it’s already posted, hope you fix it soon ??

    I also report another huge problem, the plugin folder (all-in-one-wp-security-and-firewall) must be secured through htaccess, it contains some dangerous files like the wp-security-log.txt file and the DB backup files.

    Thanks for the great plugin.

    @mahieddineakeo Please, do not hijack the thread – if you want to report a different problem, create a new thread for that. Make it easier for devs to find and fix problems with the plugin ??

    This has been fixed in the new version.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Firewall|Custom Rules – bug when pasting text with escaped characters’ is closed to new replies.