Bunzer

I guess that’s a No then.

I’ll look into turning the header into a CSS background. Maybe that will work.

Uninstalled. Too much work to maintain.

I am confused & I see the same as Handoko. Only one (original) size of image in FTP uploads and by download link, no matter what size I buy.

BTW I have WP Settings > Media set for Thumbnail 80×80, Medium 300×300, Large 1024×1024. Each image has 5 copies in standard WP upload folders: original, 3 above, and 1 624px wide (twenty twelve featured).

Is Sell Media supposed to create listed sizes on upload? Cos it ain’t. Are there some instructions somewhere I’m missing?

I don’t think there’s a problem with CIDR notation. I checked the Apache 2.2 documentation. All my blocking rules seem to work under test, so I’m happy it’s all good now.

I think I am introducing the custom 403 block by filling out the badbots section with blanket rules. Ideally, I wanted to say “block everything except robots.txt and 403.php”, but you can’t do negatives in the Files/FilesMatch container, as far as I know.

Apparently, FilesMatch “.*” is equivalent to no FilesMatch container at all, so I removed it. Adding the separate FilesMatch for the two file exclusions is enough to stop them being blocked by the following blanket rules. I tested this, and I get a nice 403 in a black-bordered box.

If you are interested, I can provide the code I settled upon. It might be worth adding it to your default, as it gives a good starting point for blanket blocking harvesters and IP ranges.

This with above code hidden…

Forbidden

You don’t have permission to access /yorkshire/cawood/ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

It may be something I added to the last block. I haven’t got any more time this weekend, but I can have a go on Monday, to check.

I saw that, and I fully understand what you’re saying.

What I’m saying is that, by blocking an IP or user agent from the website, it is unable to display the 403.php you described, and the server issues a double 403 – i.e. it issues a custom 403 which is blocked causing another 403.

I added the above code so that even a blocked computer could at least access robots.txt and the custom 403 page.

Without that bit of code, I was getting a default 403, rather than the custom page because trying to display the custom 403 gave another 403! ??

I think I got it working…

<FilesMatch “(robots\.txt|403\.php)$”>
Order Allow,Deny
Allow from all
</FilesMatch>

<FilesMatch “^(wp-comments-post\.php)”>
Order Allow,Deny
Deny from 46.119.35.
-etc-
Allow from all
</FilesMatch>

BrowserMatch ^-?$ badrobot
BrowserMatch Ahrefs badrobot
-etc-
Order Allow,Deny
Deny from env=badrobot
Deny from 5.45.202.0/24
-etc-
Allow from all

Everything is in place. It’s what I have in the last block which seems to be the problem. I think the problem may be with my implementation of the Files/FilesMatch containers. Here is what it looks like (edited for brevity).

<FilesMatch “^(wp-comments-post\.php)”>
Order Allow,Deny
Deny from 46.119.35.
Deny from 46.119.45.
-etc-
Allow from all
</FilesMatch>

BrowserMatch ^-?$ badrobot
BrowserMatch Ahrefs badrobot
-etc-
<FilesMatch “.*”>
Order Allow,Deny
Deny from env=badrobot
Deny from 5.45.202.0/24
-etc-
Allow from all
</FilesMatch>

<FilesMatch “(robots\.txt|favicon\.ico|403\.php)”>
Order Allow,Deny
Allow from all
</FilesMatch>

I removed the last section and the problem continued, so I’m guessing it’s the middle section which is cancelling out the first.

I have done it this way because I wanted a neat way of issuing the BPS custom 403 even though access was denied (causing a double 403).

Any alternative methods suggested would be greatly accepted, as I’m not great at this stuff.

It’s a bit above my level, I’m afraid. But the plug-in works great anyway. Cheers.

Oh dear, I see what you mean.

After some more searching, I found a discussion about hacking one of the php files to make equal user level editing possible (https://www.ads-software.com/support/topic.php?id=29221). I have now done this, as well as giving myself a second login for posting, with the same user level. It works a treat.

I’ve just been over to the Requests and Feedback forum, to see if a suggestion has been made to create a set-up option for this, but I couldn’t search that forum separately, and I couldn’t see anything relevant listed. Being a newbie, I thought I’d better keep my gob shut.