The SI CAPTCHA Anti-Spam plugin is now creating randomly named php temporary files and a deny all .htaccess file in this folder – /captcha/temp – for extra CAPTCHA security. In order for these temporary randomly named php files to be whitelisted in the Plugin Firewall you will need to add this additional Plugin Firewall Whitelist rule, which uses Regex match all (.*) characters to match any randomly named php file in the /captcha/temp folder.
/si-captcha-for-wordpress/captcha/temp/(.*).php
There are a total of 3 Plugin Firewall Whitelist rules for the SI CAPTCHA Anti-Spam plugin that need to be added to the Plugins Script/File Whitelist Text Area.
The 3 Whitelist rules are:
/si-captcha-for-wordpress/captcha/securimage_show.php, /si-captcha-for-wordpress/captcha/si_captcha.js, /si-captcha-for-wordpress/captcha/temp/(.*).php
Or if you want to add these Whitelist rules directly into the Plugin Firewall .htaccess file
The 3 Whitelist rules are:
SetEnvIf Request_URI "/si-captcha-for-wordpress/captcha/securimage_show.php$" whitelist
SetEnvIf Request_URI "/si-captcha-for-wordpress/captcha/si_captcha.js$" whitelist
SetEnvIf Request_URI "/si-captcha-for-wordpress/captcha/temp/(.*).php$" whitelist