Improving pattern in .htaccess
-
Hi there,
First off, thanks for a great plugin!
I’d like to give back by reporting an issue I noticed with version 1.7.9.2 (has this been fixed?)
The regex in the .htaccess URL rewrite for
wp-admin
could be improved. For example, in this autogenerated code block (the last block in a dynamically generated .htaccess file before the# END WP Hide & Security Enhancer
comment), when hiding/wp-admin
with the string “foobar”:RewriteCond %{REQUEST_URI} /foobar$ RewriteRule ^(.*)$ /foobar/ [R=301,L] RewriteRule ^foobar(.*) /wp-admin$1 [L,QSA] RewriteCond %{ENV:REDIRECT_STATUS} ^$ RewriteRule ^wp-admin(.+) /index.php?wph-throw-404 [L]
the pattern on the first line matches:
example.com/somepath/blog-page/foobar
which is unwanted.May I suggest that a caret be added at the start so that the pattern only matches URLs that *begin* with /foobar:
So
RewriteCond %{REQUEST_URI} /foobar$
becomes
RewriteCond %{REQUEST_URI} ^/foobar$
as /wp-admin should never be expected at the end of a URL in WordPress?
I noticed this rule running when accessing my WordPress admin with a bad copy/paste that contained a typo, so I changed the .htaccess file manually, but this change will get wiped out from any changes made by the plugin, so just wanted to flag it as a potential issue?
Thanks!
- The topic ‘Improving pattern in .htaccess’ is closed to new replies.