Support » Plugin: W3 Total Cache » W3 Total Cache – Minify being blocked by .htaccess in wp-content

  • I’m trying to troubleshoot minify on W3 Total Cache. The URL rewriting component was failing with a frequent 403 forbidden error which I couldn’t understand. I eventually tracked the error down to the .htaccess file in the ./wp-content directory. This file contains the following code:

    <FilesMatch “\.(?i:php)$”>
    <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
    </IfModule>
    <IfModule mod_authz_core.c>
    Require all denied
    </IfModule>
    </FilesMatch>

    Now, I haven’t placed this there and I’m not sure if it ships with WordPress as standard or was put there by a security plugin. However, I briefly removed the file and the minify access returned immediately.

    Obviously, if removing this .htaccess makes my WordPress install vulnerable, then I have to reinstate it (which I have – I’m not stupid!). Has anyone got a workable long-term solution to this problem so I can have minify work properly?

    https://wordpress.org/plugins/w3-total-cache/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Seems a bit overkill. I would remove that and suggest telling it to protect your upload folder(s) from PHP files/execution. As this is where hackers will attempt to inject and execute them from. Then it won’t be affecting your plugins execution, etc.

    For example:

    <LocationMatch "/uploads/.*(?i)\.(php3?|phtml)$">
         Order Deny,Allow
         Deny from All
    </LocationMatch>

    I would do what 3Lancer has suggested there is no reason for you to block the files in the way that you are because most forms of attack as Lancer has suggested would be from .php files

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘W3 Total Cache – Minify being blocked by .htaccess in wp-content’ is closed to new replies.