The following entry in my .htaccess file was preventing a Wordpress .php script from executing and causing errors on my website.
<FilesMatch "\.(?i:php)$">
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</FilesMatch>
I have removed the entry and it resolved the problem. However, I don;t know if this has then left my website at risk. How would be the best way to allow a certain file to run (taxonomy-redirect.php) without causing any undue risk.
Removing this block altogether will allow execution of any .php
file and that might cause security issues.
You should allow just taxonomy-redirect.php
while still disallowing other .php
files using a negative lookbehind regex like this :
<FilesMatch "(?<!taxonomy-redirect)\.(?i:php)$">
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</FilesMatch>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.