Hi there,
I noticed something new about the 6.5 secure htaccess file is that out of the gate it’s not blocking UptimeRobot and also returns a 405 if I send a cURL request. I managed to solve the fact that UptimeRobot is blocked by using this which I found on the forum (placed in “9. CUSTOM CODE REQUEST METHODS FILTERED”):
# REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(UptimeRobot|uptimerobot.com).* [NC]
RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]
But a single, personal cURL request from my machine still seem to be returning a 405 error.
Do I need to whitelist myself in this instance?