Heads Up – Need confirmation on this Whitelist skip/bypass code
-
A wp-remote user has reported that BPS is blocking wp-remote and I assume this block is occurring due to this new line of code in BPS .47.5 – RewriteCond %{HTTP_REFERER} ^.*your-website-domain-name.com.* [OR]. This particular filter is specifically designed to block remote file access, but a whitelisting can be added as shown below. My question is what would be the RewriteCond %{REQUEST_URI} condition for wp-remote? Does wp-remote need to access the URI for the wp-remote plugin folder? Thanks.
# TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE # Only Allow Internal File Requests From Your Website # To Allow Additional Websites Access to a File Use [OR] as shown below. # RewriteCond %{HTTP_REFERER} ^.*YourWebsite.com.* [OR] # RewriteCond %{HTTP_REFERER} ^.*AnotherWebsite.com.* RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F,L] RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] RewriteCond %{HTTP_REFERER} ^.*your-website-domain-name.com.* [OR] RewriteCond %{REMOTE_ADDR} ^107.22.153.142 RewriteRule . - [S=1]
- The topic ‘Heads Up – Need confirmation on this Whitelist skip/bypass code’ is closed to new replies.
