Problem with Anti-Hotlink with WP Subdirectory Install

  • My WordPress Address is different from the Site Address, as I have a subdirectory install; WP Security may be generating too-specific a rule, as I am not seeing images on my own website.

    PLUGIN VERSION: 3.8.2
    WORDPRESS VERSION: 3.9.2
    STEPS TO REPRODUCE (note, I don’t have this rule currently active so the missing images aren’t showing)

    • Go to WP SECURITY > FIREWALL > PREVENT HOTLINKS
    • Enable “Prevent Image Hotlinking:”
    • View home page at https://davidseah.com; missing logo and slideshow images, missing featured images.
    • Confirm I can load the images directly in the browser; images actually exist

    My siteURL is https://davidseah.com. My wordpressURL, however, is in a subdirectory (for example: https://davidseah.com/myinstall).

    WP Security generates a rule that looks like this:
    RewriteCond %{HTTP_REFERER} !^http(s)?://davidseah\.com/myinstall [NC]

    Since my home page address is actually “https://davidseah.com”, I think the effect of this rule is that the referrer doesn’t match, and therefore the image is blocked. If I remove the /myinstall portion before the [NC], images seem to appear once again, though since I’m not that familiar with rewrite rules I don’t know if there are side effects that I’m introducing.

    In the meantime, I’ve just disabled this feature.

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Problem with Anti-Hotlink with WP Subdirectory Install’ is closed to new replies.