I prepared a copy on another website, which gives the same result.
https://www.sportscarsofengland.nl/en/widget-search-hippevegetarier/
Currently system file protection is switched off on this website.
So please, could someone give more clearity on this subject.
Hello @leonn1960,
The reason why the link is not working is that you are loading it via URL and not using relative path to the file in your code.
The protection is preventing any unauthorised requests to URLs under wp-content directory. You can keep it disabled to have the function working as it is now.
Alternatively, you can edit the way the file is being requested in order to fix this. Or you can add an .htaccess file rules in your wp-content folder:
<FilesMatch "build-search\.php">
<IfModule !mod_authz_core.c>
Allow from all
</IfModule>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</FilesMatch>
Best Regards,
Elena
Hi Elena,
I tried at first to only change the absolute path to only the relative path, but that was not enough (same error 403). But when I added the code to the .htaccess file in the wp-content folder it worked fine.
First try when I added this additional code at the beginning of the .htaccess it still gave the error, but when I shifted the code to the end of the file it was perfect.
Assumably this will be a feature in the plugin on short notice?
Thanks for support!
When the SiteGround Security “Lock and Protect System Folders” option is enabled it denies unauthorised direct access to any php file under wp-content directory. With the applied rules you have excluded the build-search.php file from the protection.
Following the best practices you can avoid calling the location via URL. You can include the file where it is defined in your code instead.
We are planing on implementing files exclude as an option. Still, I can not provide ETA when it will be done.
Best Regards,
Elena
