.htaccess mod_authz_host error

  • Just noticed this .htaccess error in my logs (because we log this) :

    [Tue Apr 16 09:22:02.243219 2019] [core:alert] [pid 1040:tid 140433856091904] [client 78.231.40.241:50053] /data/www/example.org/www/wp-content/uploads/sites/3/wpdiscuz/captcha/.htaccess: Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration, referer: https://www.itfaq.nl/settlers-5-heritage-of-kings-op-windows-10-spelen/

    Please read https://www.saotn.org/wordpress-htaccess-security-best-practices-apache-24/ and https://www.ads-software.com/support/article/brute-force-attacks/#limit-access-to-wp-login-php-by-ip on why you must fix this.

    I’ve fixed it by editing all .htaccess files (wp-content/uploads/wpdiscuz/captcha/.htaccess, wp-content/uploads/sites/3/wpdiscuz/captcha/.htaccess) :

    <IfModule !mod_authz_core.c>
        Order deny,allow
        Deny from all
</IfModule>
<IfModule mod_authz_core.c>
        Require all denied
</IfModule>

<Files ~ "^[0-9A-Za-z_\-]+\.(png)$">
        <IfModule !mod_authz_core.c>
                Allow from all
        </IfModule>
        <IfModule mod_authz_core.c>
                Require all granted
        </IfModule>
</Files>
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘.htaccess mod_authz_host error’ is closed to new replies.

Tags