web.config corrupts pages

  • A web.config file containing a rule to help prevent SQL injection is created in the wp-content folder, but it prevents some resources, e.g. Bootstrap components, from being served. (Proved with Fiddler). Using PHP 7.0x on IIS server. This web.config corrupts the page layout. I am using WP 4.9.5 and the Avoc theme. If the web.config is renamed or deleted, it is regenerated. I have grepped around for this in the code base, but I haven’t located it just yet.

    I did find a workaround– I think. I have altered the REGEX in the web.config’s rule, so it has no effect, but the file remains and hopefully won’t be overridden. I have some concern that I have just defeated some security measures.

    I don’t know yet if this is the WP core or a plugin or theme code itself is writing this file. It really messes things up.

    Bob

Viewing 1 replies (of 1 total)
  • Thread Starter Budsy

    (@budsy)

    Update: I just confirmed that the /wp-content/web.config file is re-written without a file existence check. So, my workaround fails. The site becomes corrupted repeatedly.

    Bob

Viewing 1 replies (of 1 total)
  • The topic ‘web.config corrupts pages’ is closed to new replies.