Permalinks, query Mod-rewrite rules in HTAccess

Home Forums BulletProof Security Pro Permalinks, query Mod-rewrite rules in HTAccess

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • June 14, 2022 at 6:10 pm #41961
    Iris
    Participant

    Hello,

    I am a novice and would greatly appreciate help with a recurring issue.

    I keep my root htaccess file locked after discovering a code injection.  I have unlocked it a few times to allow the Yoast plugin to make some permalink updates it found necessary; locking again once reported finished.  I use /%postname%/.

    The issue is it seems the changes didn’t work after all. Yoast plugin reports that because my .htaccess file was not writable, (despite the unlocking etc above) updating it automatically was not possible.  It says the following mod_rewrite rules should be in my .htaccess file:

    RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f

    I have this:

    # CUSTOM CODE WP REWRITE LOOP START
# WP REWRITE LOOP START
# Rewrite|Redirect http to https|SSL & www to non-www
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteCond %{HTTP_HOST} ^www\.domainname\.com$ [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

    I see I have some of the code but not that below – where should this go?:

    RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

    I am confused about what code I should have and changes to make if any? Should I simply leave the htaccess file unlocked for a longer period of time?

    Your comments would be appreciated and thank you for your time.

    June 14, 2022 at 6:23 pm #41962
    AITpro Admin
    Keymaster

    Replace your existing WP Rewrite htaccess code in the 8. CUSTOM CODE WP REWRITE LOOP START BPS Root Custom Code text box with this Rewrite code below, click the Save Root Custom Code button and activate Root folder BulletProof Mode again.  If Yoast is still saying “the following mod_rewrite rules should be in your .htaccess file” then either dismiss that notice or ignore it.  BPS htaccess code contains all of the standard WP Rewrite htaccess code, but it is split up into 2 sections in your root htaccess file for technical reasons.

    # WP REWRITE LOOP START
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^index\.php$ - [L]
    June 15, 2022 at 3:31 am #41966
    Iris
    Participant

    Done, thanks so much for your prompt response.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.