Thumbnail / Image Not Showing on Multisute subdomain
-
good day I had another issue with the images while uploading on the multisite it doesn’t show the thumbnail and also the actual image it self I have tried to read some fixes here in the forum but it didn’t work out our site is MST hope you can advice for a solution on this
here are the things I have already did upon trouble shooting
change the .htaccess to this
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]but it didn’t work out
I have also change the File Permission to 775 , still didn’t work
-
Can you link directly to a post with the issue?
Also what is the COMPLETE .htaccess file?
here is the link
here is the .htaccess content
# BEGIN WordPress # TURN OFF YOUR SERVER SIGNATURE ServerSignature Off Options -Indexes DirectoryIndex index.php index.html /index.php RedirectMatch 403 /\..*$ RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # uploaded files RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L] RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F,L] RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC] RewriteRule . - [S=12] # Comment Spam Pack MU Plugin - CAPTCHA images not displaying RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC] RewriteRule . - [S=11] # Peters Custom Anti-Spam display CAPTCHA Image RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] RewriteRule . - [S=10] # Status Updater plugin fb connect RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] RewriteRule . - [S=9] # Stream Video Player - Adding FLV Videos Blocked RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC] RewriteRule . - [S=8] # XCloner 404 or 403 error when updating settings RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC] RewriteRule . - [S=7] # BuddyPress Logout Redirect RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC] RewriteRule . - [S=6] # redirect_to= RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC] RewriteRule . - [S=5] # Login Plugins Password Reset And Redirect 1 RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC] RewriteRule . - [S=4] # Login Plugins Password Reset And Redirect 2 RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC] RewriteRule . - [S=3] RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F,L] RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] RewriteRule . - [S=1] RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR] RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR] RewriteCond %{THE_REQUEST} \/\*\ HTTP/ [NC,OR] RewriteCond %{THE_REQUEST} etc/passwd [NC,OR] RewriteCond %{THE_REQUEST} cgi-bin [NC,OR] RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR] RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR] RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR] RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR] RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR] RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|%3c|%3e|%5b|%5d).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x5b|\x5d|\x7f).* [NC,OR] RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR] RewriteCond %{QUERY_STRING} (\./|\../|\.../)+(motd|etc|bin) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR] RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR] RewriteCond %{QUERY_STRING} (sp_executesql) [NC] RewriteRule ^(.*)$ - [F,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule . index.php [L] <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)"> Order allow,deny Deny from all #Allow from xx.xx.xx.xx </FilesMatch> # END WordPress # BLOCK HOTLINKING TO IMAGES # To Test that your Hotlinking protection is working visit http://altlab.com/htaccess_tutorial.html #RewriteEngine On #RewriteCond %{HTTP_REFERER} !^https?://(www\.)?manilastandartoday.com\.com [NC] #RewriteCond %{HTTP_REFERER} !^$ #RewriteRule .*\.(jpeg|jpg|gif|bmp|png)$ - [F]some of the codes are generated by the security plugins
Ow.
Turn off your plugins first of all. They’ve screwed your .htaccess but GOOD.
THEN revert to the DEFAULT .htaccess.
http://codex.wordpress.org/Multisite_Network_Administration#.htaccess_and_Mod_Rewrite
See if it works. If it does, we can start looking at the plugins.
This is probably okay, but it should be put ABOVE the WordPress calls, never after:
<FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)"> Order allow,deny Deny from all #Allow from xx.xx.xx.xx </FilesMatch> # BLOCK HOTLINKING TO IMAGES # To Test that your Hotlinking protection is working visit http://altlab.com/htaccess_tutorial.html #RewriteEngine On #RewriteCond %{HTTP_REFERER} !^https?://(www\.)?manilastandartoday.com\.com [NC] #RewriteCond %{HTTP_REFERER} !^$ #RewriteRule .*\.(jpeg|jpg|gif|bmp|png)$ - [F]Also any plugin ‘changes’ to WP should be code OUTSIDE the WordPress lines. Preferably you put ’em in above, so they get checked first.
I disabled the 2 plugins that adds the additional code on our .htaccess, we use the Bulletproof Security and Better WordPress Security and the thumbnail is now showing what might cause the problem, need to secure our site
it’s now working on some subdomain but there are still other subdomain that doesn’t show the images hmmmmm weird.
Solved: I remove this line of code on the .htaccess it is generated by the BETTER WP SECURITY
RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L]Yeah, I can see that…
Huh. Time to tag this one for that plugin so they know about the conflict!
Yep that block of htaccess code is recommended on the WP Codex page for Hardening WordPress, but it does not work for MU Subdomain sites and in some cases MU Subdirectory sites. This .htaccess code was once included in BPS, but we discovered this same problem sometime last winter. The FilesMatch code in the BPS .htaccess file can go anywhere outside of the WP Rewrite loop. It is not an .htaccess directive that is dependent on rules or conditions and is “standalone” .htaccess code and go anywhere in .htaccess files.
Would you document that in your readme FAQ? 🙂
It’s actually already documented here >>> http://www.ait-pro.com/aitpro-blog/3454/wordpress-tips-tricks-fixes/wordpress-network-mu-images-not-displaying-images-not-displaying-in-media-library-images-not-displaying-on-website/
I try to keep the FAQ as simple as possible. 😉 What i have found in the past is that when i add help info about past issues that no longer exist is that i end up getting a lot of emails or posted questions about that old help / FAQ info. It seems that if you mention something then you are just asking to be asked questions about it. LOL So since the issue is already handled I don’t want to get asked questions about it. I think the post above is ranked fairly high in Google so if folks google it they will probably find that answer. 😉
Think of it this way: If someone has a problem, the FIRST place we look is the plugin repo page.
Does this work with netowork or multisite installations?
Yes.If that answer is “yes, BUT…” then you should document that. Heck just saying “Yes, but please read [linked post].” would work 🙂 Google ranks that page high, but the default assumption is always that the plugin repo page has the most accurate information. That’s why they’re there 😉
Yes you are absolutely correct and i could not agree with you more and the FAQ is filled up with every common question that gets asked. I guess i was not completely clear about this specific particular issue. In this particular case this issue was taken care of last January so since it was no longer an issue / relevant, the FAQ info was also removed from the Network / Multisite FAQ section.
- The topic ‘Thumbnail / Image Not Showing on Multisute subdomain’ is closed to new replies.