SetEnvIf not allowed by hoster – Plugin firewall gives 500 error

Home Forums BulletProof Security Pro SetEnvIf not allowed by hoster – Plugin firewall gives 500 error

Tagged: 

This topic contains 1 reply, has 2 voices, and was last updated by  AITpro Admin 4 years, 5 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #12436

    Schneider
    Participant

    Hi, unfortunately my hosting provider does not support the SetEnv directive in htaccess files.  This means if I enable the plugin firewall I get http error 500.  As soon as I delete the plugin firewall htaccess-file everything works again (e.g. display of icons located in WP plugins in dashboard).  Is there any alternative to that approach in the htaccess-file?

    #12441

    AITpro Admin
    Keymaster

    The simplest solution would be to do these steps:

    1. Go to the B-Core >>> htaccess File Editor >>> manually edit your Plugin Firewall .htaccess file and delete (copy them first to a Notepad text file on your computer before deleting them) all of the SetEnvIf Request_URI rules between # BEGIN WHITELIST: Frontend Loading Website Plugin scripts/files and # END WHITELIST and save your edits/changes.  You will also need to manually delete “Allow from env=whitelist” in the FilesMatch section of code in your Plugin Firewall .htaccess file.

    2.  Go to the Security Modes page, scroll down to the Plugin Firewall area/section, click on the Additional Whitelist Tools Accordian tab and you will see the Plugin Override tool.

    3.  You will need to add plugin folder paths for all the plugins that need to be overrided.

    The BPS Pro plugin needs to have an override / plugin folder path entered/added. You will see a similar path displayed to you above the Plugin Override text box:  /xxxx/xxxxx/html/forum/wp-content/plugins/example-plugin.  Copy this path into the text box and change the plugin folder name from “example-plugin” to an actual plugin folder name that needs an override added in that plugin folder and click the Add button.  For BPS Pro that plugin folder name would be:  bulletproof-security

    Example:  /xxxx/xxxxx/html/forum/wp-content/plugins/bulletproof-security

    You would repeat this process for each plugin that needs to have an override added to that plugin’s folder.  From the list of SetEnvIf Request_URI rules you copied to your computer you should be able to get all the plugin folder names from those SetEnvIf rules.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.