Support » Plugin: All In One WP Security & Firewall » Rule RewriteCond %{QUERY_STRING} https: [NC,OR] in Deny Bad Query Strings

  • Hi, i’m having the following redirect on one of the buttons https://site.com/login?redirect_to=https://site/url
    Enabling Deny Bad Query Strings in Firewall->Additional Firewall Protection
    is causing this redirect to malfunction, so i commented Rule RewriteCond %{QUERY_STRING} https: [NC,OR] and added all the modifications from .htaccess to Custom Rules tab after disabling Deny Bad Query Strings
    The question is whether this rule crucial for security and disabling it exposes the website to attacks? Another question if such a redirect poses a security risk and there’s need to implement it differently and enable the above rule?
    Thanks in advance.

Viewing 1 replies (of 1 total)
  • Plugin Author wpsolutions

    (@wpsolutions)

    hi @warrior7089,
    There will be times when for certain installations some of the firewall rules may not always be compatible. This is why we have put in the ability to disable and modify rules.
    I recommend that you try the 6G rules and leave the deny bad query strings disabled. The 6G rules are meant be the best “all-round” firewall rules.

Viewing 1 replies (of 1 total)
  • The topic ‘Rule RewriteCond %{QUERY_STRING} https: [NC,OR] in Deny Bad Query Strings’ is closed to new replies.