Bad Query Strings not working with WP-Pro-Quiz plugin

  • Resolved netcerebral

    (@netcerebral)


    8 years, 8 months ago

    When selecting Firewall > Advanced Firewall Protection > Deny Bad Query Strings and then attempt to go to the “WP-Pro-Quiz > Global Settings” page, the server throws back a “403 – Forbidden Access” error.

    The URL being requested is /wp-admin/admin.php?page=wpProQuiz_globalSettings

    By disabling “Deny Bad Query Strings” it works. So I dug into this and the issue is in the .htaccess file in the following location:
    #AIOWPS_DENY_BAD_QUERY_STRINGS_START
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]

    When I edit the .htaccess and remove the word “globals” from the rewrite rule everything works fine.

    My question is, how do I write a Custom .htaccess Rule to override this issue so I don’t have to edit the .htaccess directly?

    https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 8 months ago

    Hi, thank you for sharing your finding. One of the plugin developers will investigate further your issue.

    Regards

    Plugin Contributor wpsolutions

    (@wpsolutions)

    8 years, 8 months ago

    how do I write a Custom .htaccess Rule to override this issue so I don’t have to edit the .htaccess directly

    1) From your .htaccess file copy the rules from the existing “Deny Bad Query Strings” feature.

    2) Disable the “Deny Bad Query Strings” feature

    3) Go to the custom rules tab and paste the rules you copied from step 1 and modify them accordingly, ie, delete the “globals”
    Then save the custom rules.

    Thread Starter netcerebral

    (@netcerebral)

    8 years, 8 months ago

    Awesome thanks – works like a charm!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Bad Query Strings not working with WP-Pro-Quiz plugin’ is closed to new replies.