[Plugin: Role Scoper] .htaccess rule forces all my images to be parsed by PHP

  • dreamyguy

    (@dreamyguy)


    14 years, 7 months ago

    Hi,

    I don’t remember where I got my plugin from, but I must have installed an outdated version. In my admin it stands as version 1.0.8 and there’s no auto-update link.

    Anyway, my problem is that the rules included by Role Scoper on my .htaccess file are – according to a specialist on the server side – forcing my images to be parsed by PHP in WordPress. That creates a massive load on the server, a load that has been going on the whole September and I will be charged soon enough, more than 10 times over the usual amount :'(. I use MediaTemple’s grid servers and they charge by GPUs (units that represent the overall load on the server, including processing, file requests and such.

    These lines (now commented off) are:

    #RewriteEngine on
#RewriteCond %{HTTP:Authorization} ^(.*)
#RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
#RewriteCond %{HTTP_REFERER} !^http://www.mysite.com/wp-admin
#RewriteRule ^(.*)wp-content/uploads/(.*) /index.php?attachment=$2&scoper_rewrite=1 [NC,L]

    So I have two questions:
    1. IF this rule is NOT in the latest version of Role Scoper, should I upgrade or make a fresh, updated install of Role Scoper?
    2. If this rule IS in the latest version of Role Scoper, what feature am I going to miss?

    Thanks beforehand,
    Wallace

    http://wordpress.org/extend/plugins/role-scoper/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Kevin Behrens

    (@kevinb)

    14 years, 6 months ago

    First, one correction… this does not affect all your images, but all images (or PDFs, etc.) in your wp-uploads folder.

    I’m sorry that Role Scoper’s attachment filtering caused performance issues for you. I try to make a habit of avoiding unnecessary code execution but in this case didn’t think it through carefully enough. Attachment filtering is an area that I’ve put a lot of redevelopment into lately and the fix will be available soon. To answer your questions:

    (1) In a few days, I will release a Role Scoper update with an improved attachment filtering model. In the new system, the .htaccess rules will trigger RS filtering only when a requested file is attached to a post/page that’s private or has read restrictions. All other requested images / attachments will be returned directly. Performance and reliability will also be improved by the returning approved content via redirect rather than PHP readfile().

    (2) With those rules disabled, any uploaded file can be accessed via direct URL even if its containing post/page is hidden from the user.

    If you are okay with (2) for now, you should also add the following line to wp-config.php to prevent Role Scoper from re-adding the rewrite rules back into .htaccess:

    <br />
define( 'DISABLE_ATTACHMENT_FILTERING', true );<br />

    Kevin Behrens

    (@kevinb)

    14 years, 6 months ago

    Scratch the br tags from that wp-config.php line; not sure how they got in there.

    Kevin Behrens

    (@kevinb)

    14 years, 4 months ago

    Role Scoper 1.1 Release Candidate with improved file attachment filtering is now available. Only files that are attached to private / restricted posts will trigger PHP processing.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Role Scoper] .htaccess rule forces all my images to be parsed by PHP’ is closed to new replies.