htaccess

  • Resolved iron0potassium

    (@iron0potassium)


    3 months ago

    Hey, devs,

    Do you realize that you are still deploying the “old-style”, Apache 2.2-compatible .htaccess files, with your plugin?

    Do you realize, that thus you are causing Error 500 everywhere your .htaccess files affect?

    The correct, new syntax for Apache 2.4 is not “Deny from all” but “Require all denied”.

    Could you update your plugins, so as to stop wrecking havoc everywhere? Much appreciated.

Viewing 1 replies (of 1 total)
  • Plugin Support Jarno Vos

    (@jarnovos)

    3 months ago

    Hi @iron0potassium,

    Thanks for your message: this one was already on our radar. It concerns the .htaccess file in the /uploads/ folder related to the feature “Prevent code execution in the public /uploads/ folder”.

    The upcoming release of the plugin will switch to a ‘hybrid’ variant that automatically uses the correct Deny from all/Require all denied syntax, based on Apache module availability.

    You can download a branch of the current release with only the aforementioned improvement from the GitHub link below, so you won’t have to wait for the update:

    https://github.com/Really-Simple-Plugins/really-simple-ssl/tree/bugfix/NL14RSP1-586-correct-deny-syntax2

    Hope this helps.

    Kind regards, Jarno

    • This reply was modified 3 months ago by Jarno Vos.
Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

Tags