fairywitch

I did do what you said, Otto. It wasn’t working though up until I did a few more things.

It is *resolved* – and I hope it is fixed for good. Both sites display images now. There was an update to WP Super Cache which I immediately used. Also, my host’s support line said that I should turn off CPanel’s Hotlink Protection. I turned it on 2 years ago almost and never looked at it again because I have been basically making my own and after looking in there again, it seems very different to when I last looked at it! Support said it might have been conflicting. I did change the conditions & rule somewhat aswell. I don’t know which one of those things did the trick, or, if all 3 did it together.

Thanks for your help. =)

OK – It’s pretty long. My sites have worked for over a year with this configuration though. Oh, and tell me what you mean with “backticks”?

Here you go:

suPHP_ConfigPath /home/xxxxxxxx/public_html
DirectoryIndex index.php index.html
Options All -Indexes
Options +FollowSymLinks

<Files .htacess>
order allow,deny
deny from all
</Files>

<Files php.ini>
order allow,deny
deny from all
</Files>

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?fairywitch.net/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?beewitched.fairywitch.net/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?fairywitchsims.com/.*$ [NC]
RewriteRule \.(jpg|jpeg|gif|png|bmp|rar|zip)$ - [F]

// edit by mod: Whole bunch of irrelevant bot blocking stuff was here...

# Begin - Rewrite rules to block out some common exploits
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
# End - Rewrite rules to block out some common exploits

# BEGIN WPSuperCache
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
AddDefaultCharset UTF-8
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} !.*s=.*
RewriteCond %{QUERY_STRING} !.*attachment_id=.*
RewriteCond %{HTTP_COOKIE} !^.*(comment_author_|wordpress|wp-postpass_).*$
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{HTTP_HOST}/$1/index.html.gz -f
RewriteRule ^(.*) /wp-content/cache/supercache/%{HTTP_HOST}/$1/index.html.gz [L]
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} !.*s=.*
RewriteCond %{QUERY_STRING} !.*attachment_id=.*
RewriteCond %{HTTP_COOKIE} !^.*(comment_author_|wordpress|wp-postpass_).*$
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{HTTP_HOST}/$1/index.html -f
RewriteRule ^(.*) /wp-content/cache/supercache/%{HTTP_HOST}/$1/index.html [L]
</IfModule>
# END WPSuperCache

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Edit by mod: Code-ified