Code in .htaccess causes 403 Forbidden error

  • Resolved maggrietjie

    (@maggrietjie)


    1 year ago

    Why would this code in my .htaccess file cause a 403 Forbidden error when trying to access my site?

    # Wordfence WAF
<Files "user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>
# END Wordfence WAF

    When I remove it from the file, the issue disappears.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @maggrietjie, thanks for getting in touch!

    I would double-check whether the standard code below (which inclues a . before user.ini alone rectifies the 403s.

    # Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
</Files>
# END Wordfence WAF

    If not, check the contents of your .user.ini file definitely point to the correct path of the wordfence-waf.php file on your server:

    ; Wordfence WAF
auto_prepend_file = '/your/path/to/wordfence-waf.php'
; END Wordfence WAF

    If you don’t have a .user.ini file, that also might mean you need to remove Wordfence’s Extended Protection and try again using the settings appropriate for your server setup: https://www.wordfence.com/help/firewall/optimizing-the-firewall/

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Code in .htaccess causes 403 Forbidden error’ is closed to new replies.