Support » Plugin: All In One WP Security & Firewall » Conflict w/ 6G and phpMyAdmin

  • Resolved svacontact

    (@svacontact)


    I am running AWS Linux2 with latest versions of LAMP. Ran into an interesting problem that was causing a 404 when attempting to access phpMyAdmin (over https). After some lengthy troubleshooting, I traced it to the following 4 lines in the 6G Query Strings section of .htaccess:

    #RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
    #RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR]
    #RewriteCond %{QUERY_STRING} (\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
    #RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]

    Not sure if this has been reported. If so couldn’t find it.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    After some lengthy troubleshooting, I traced it to the following 4 lines in the 6G Query Strings section of .htaccess:

    The 6G rules is the most complete protection you can use out of all the firewall rules in our plugin. However in some cases it will conflict with other settings in a site or server.

    If you still want to use 6G rules, you can do the following. Add the edited entries into our Custom Rules tab. This is located in WP Security -> Firewall -> Custom Rules.

    Let me know if you need more information or help.

    Thank you

    Thanks for the response and suggestion! Wasn’t really requesting support, just wanted to pass this on to hopefully save someone else some time when troubleshooting phpMyAdmin issues. I have narrowed this down further to these 2 lines in 6G which cause 404s:

    RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
    RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]

    And this line in the AIOWPS firewall settings which cases a javascript error:

    RedirectMatch 403 config\.

    Versions as follows:
    Apache: 2.4.39
    MySQL: 10.2.10-MariaDB
    php: 7.2.16
    phpMyAdmin: 4.8.5

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, thank you for providing more information. I am sure your solution will help others with a similar problem.

    I am marking this thread as resolved.

    Enjoy the plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.