that’s probably due to a false positive against “directory traversal attacks”, edit the critical CSS to change e.g. wp-content/theme/css/../images/ into wp-content/theme/images/ and all should be fine.
hope this helps,
frank
Hi Frank, thanks for your quick response.
That path does not exist within the critical CSS.
What I copy next is the only thing that looks like:
@font-face{font-family:’nm-font’;src:url(//mysite.com/wp-content/themes/savoy/assets/css/font-icons/theme-icons/fonts/nm-font.ttf?pm8hp9) format(‘truetype’),url(//mysite.com/wp-content/themes/savoy/assets/css/font-icons/theme-icons/fonts/nm-font.woff?pm8hp9) format(‘woff’),url(//mysite.com/wp-content/themes/savoy/assets/css/font-icons/theme-icons/fonts/nm-font.svg?pm8hp9#nm-font) format(‘svg’);font-weight:400;font-style:normal}
It was just an example, the thing is mod_security doesn’t like ../ being submitted in HTML forms. If you don’t have any of those in the critical CSS you’ll have to (have someone) check the mod_security logs for info on what other rule got triggered and based on that we can see if it can be fixed by tweaking the critical CSS.
@juanavall
remove this url on your css :
?pm8hp9
?pm8hp9#nm-font
I removed both strings and “../” and now it seems to work properly.
Thank you @optimizingmatters and @zidanpragata for your help!
