.htaccess directives removed when iThemes Security updates the file

  • Resolved Gal Baras

    (@galbaras)


    7 years, 12 months ago

    When iThemes Security updates .htaccess, it removes anything above its own section, rather than updating “between the flags”.

    This may be related to LiteSpeed or to the setting that protects .htaccess and makes it read-only.

    To recreate, just add anything above the iThemes Security section, make .htaccess read-only again and try to break into the site until banned. It may also happen when other things change, so updating some plugin settings (like turning Hackrepair on or off) may do the same.

Viewing 6 replies - 1 through 6 (of 6 total)

  • I seem to have the same issue.
    My .htaccess file gets re-written which makes my other plug-in not working.

    What to do?

    Thread Starter Gal Baras

    (@galbaras)

    As a workaround, edit the file manually and move rules below the iThemes Security blog.

    A fix, of course, will be better, but that’s up to the plugin developers.

    Hi,

    Security does move the code above the Security block below it, this is by design. It should not be removing the rules, and we haven’t been able to reproduce this. Are you able to email me the file before the error takes place to test with?

    [email protected]

    Please let me know.

    Thanks,

    Gerroald

    Thread Starter Gal Baras

    (@galbaras)

    Sent, along with what I think is the problem.

    Was there ever any resolution to this from Gerroald or the original poster? The workaround of putting the non-security rules at the bottom of .htaccess is not working for me. It still removes all non-iThemes Security sections.

    Thread Starter Gal Baras

    (@galbaras)

    This was resolved in a subsequent release by changing some regular expressions. I should have marked this issue as resolved.

    If you are using the latest version, please start a new thread and describe your issue in detail.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘.htaccess directives removed when iThemes Security updates the file’ is closed to new replies.