[Defender Pro] Defender Pro Security Tweak bug

When using the Prevent PHP Execution tweak, you can add “exceptions” to allow some files to run.

I recently had to add a file, however the instructions state to put in the full path to the file, however when it adds the file to the .htaccess file it strips out all of the / (slashes) leaving a file thats a long name like:

wp-contentpluginsplugindirincludesprettyfilelist.php

Hence it doesnt work.

I had previously “resolved” this so added the exception from the resolved list (rather than the unresolved list) just in case that makes any difference.

Mark

  • Adam
    • Support Gorilla

    Hi Mark

    I hope you’re well today and thank you for reporting it!

    I’ve just tested it on my test sites and I can fully confirm the issue. It seems we’re dealing with a bug here that our developers will have to fix in the plugin.

    I have already submitted bug report to them so they’ll look into it and will create a fix that will most likely be included in one of upcoming releases of Defender – so please keep the plugin up to date.

    As a workaround, until fix is released, editing .htaccess file manually should help. Once you let Defender add rules with exclusions defined, you’d only need to edit the file to add missing slashes in that file name so that should do the trick until it’s fixed.

    Best regards,
    Adam