We Keep Coding

/wp-admin/admin-ajax.php 403 (Forbidden)

I'm running WordPress on Windows server 2012 R2 in an Azure VM. In one of my sites, the theme options panel is not updating. When I check the console, I see that this error: /wp-admin/admin-ajax.php 403 (Forbidden).
The .htaccess file in the root folder looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# Forbidding PHP files execution
<FilesMatch “\.(php|php\.)$”>
Order Allow,Deny
Deny from all
</FilesMatch>
# END WordPress
#GZIP Compression
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
I've tried adding another .htaccess file into the wp-admin folder with the following:
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
But this does not work.
My permissions for the files are set like this:
https://www.customfitonline.com/news/2013/6/20/solve-wordpress-on-windows-server-problems/
Any ideas on how to get this working???

.htaccess doesn't work on custom folders in codeigniter

I have my site running in Codeigniter. I have my own folder names custom where I have placed a simple .htaccess which has
Deny from all
But when i hit www.example.com/custom, it shows all files in browser. However, If I hit www.example.com/system, it says "Directory access is forbidden."
My folder structure is as follows.
mysite
mysite/system
mysite/custom
mysite/application
....
I have different .htaccess in root file and the redirection works fine.
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [PT,L]
<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE font/woff
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
ExpiresActive On
ExpiresDefault A0
<FilesMatch "\.(ico|ICO|pdf|PDF|flv|FLV|jpg|JPG|jpeg|JPEG|png|PNG|gif|GIF|js|JS|css|CSS|swf|SWF)(\.gz)?$">
ExpiresDefault "access plus 10 years"
Header append Cache-Control “publicâ€
Header unset ETag
FileETag None
Header set Expires "Thu, 15 Apr 2025 20:00:00 GMT"
</FilesMatch>
<FilesMatch “\.(xml|txt|html)$â€>
ExpiresDefault A7200
Header append Cache-Control “proxy-revalidateâ€
</FilesMatch>
<FilesMatch “\.(js|css)$â€>
ExpiresDefault A259200
Header append Cache-Control “proxy-revalidateâ€
</FilesMatch>
</IfModule>
I have the
Deny from all
in rest of the sub folders. System and application folders comes with CI. htaccess works fine in this folder. But in my own created folder "custom", htaccess file is not working.
What might be the problem? Why it allows htaccess work in the default folders and why it is not working in the user created folders
Note: I have same setting working in my nginx server. I have a different site Im uploading now. It is not working on the apache folder.

Try this code in your /custom/.htaccess:
RewriteEngine On
Deny from all

Delete your browser cache with (CTRL + F5) for WINDOWS or (Command + R) for MACOS and try again, make sure you have (dot) .htaccess and not just htaccess in your mysite/custom folder.

RewriteRule redirecting to index.php

This is something weird.
In a website that I'm working on, which uses Zend framework, there was a requirement to redirect any URLs ending with "/" (e.g., http://test.com/test-url/) to the same URL without the "/" (e.g., http://test.com/test-url).
I added this to the .htaccess file:
RewriteRule ^(.+[^/])/$ /$1 [R=301,L]
For many URLs this is working fine. But for URLs like http://test.com/index/test-url/ this gets redirected to http://test.com/index.php/test-url, which is undesired. Can somebody throw some light on why this happens please?
I know you can complain about the unfriendly URLs like "/index/test", but I need to live with it for now :)
The requirement was to avoid these being seen as duplicate URLs by search bots, which affects SEO as some believe.
Here is the complete .htaccess file:
RewriteEngine On
RewriteBase /
RewriteRule ^(.+[^/])/$ /$1 [R=301,L]
# Some other strange redirections
RewriteRule ^index/$ / [R=301]
RewriteRule ^css/$ / [R=301]
RewriteRule ^js/$ / [R=301]
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
# compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/atom_xml
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-httpd-php
AddOutputFilterByType DEFLATE application/x-httpd-fastphp
AddOutputFilterByType DEFLATE application/x-httpd-eruby
</IfModule>

This behaviour seems to surface when you have the MultiViews option turned on. Multiviews allows for content negotiation with mod_negotiation. You can turn it off by adding the following in the very top of your .htaccess:
Options -MultiViews
For more information, see the documentation and some more information about content negotiation.
Alternatively you can rename index.php to prettybutterflies.php and change your RewriteRule to:
RewriteRule ^ prettybutterflies.php [NC,L]

.htaccess Rewrite issue. Possibly reserved words?

This does not require much explanation, quite simply, how does the following work:
RewriteRule ^errors/browser/?$ /_errors/browser.php?error=browser [NC,QSA,L]
and this does not work:
RewriteRule ^error/browser/?$ /_errors/browser.php?error=browser [NC,QSA,L]
The only difference in two above snippets, is the removal of the letter s from the end of the word error
I cannot understand why the addition of an s on the word error suddenly makes this code work. The only explanation I can think of is that error is a reserved word? Is this the case?
If this is the case then how can I match and rewrite the word error using an .htaccess file?
UPDATE
This is my whole .htaccess file:
# Define the default document
DirectoryIndex index.php
# Turn on the rewrite engine
RewriteEngine On
# Compress all HTML, Javascript, CSS, XML... files
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
# Set the error page rewrites
RewriteRule ^errors/browser/?$ /_errors/browser.php?error=browser [NC,QSA,L]
# Set the general first level rewrites
RewriteRule ^([a-z-]+)\/?$ $1.php? [NC,QSA,L]
RewriteRule ^([a-z-]+)\/([a-z-0-9]+)\/?$ $1.php?id=$2& [NC,QSA,L]

Quite strange that vim will highlight the word "error", but you may simply try this to hack it:
RewriteEngine On
RewriteRule ^erro[r]/index.html [NC,QSA,L]
And here is an issue maybe related: question-10872503

zend router issue in some directories

I have an uploads directory in public path, but in some projects zend can't understand this is a directory and not a Controller.
when I open this folder, zend shows below error to me:
Invalid controller specified "uploads"
checked .htaccess and have no problem.
this is my htaccess code:
RewriteEngine On
AddDefaultCharset utf-8
Options +FollowSymLinks
<IfModule mod_expires.c>
<FilesMatch "\.(gif|jpg|jpeg|png|swf|css|js|html?|xml|txt)$">
ExpiresActive On
ExpiresDefault "access plus 10 years"
</FilesMatch>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*\.(js|css))$ plugins/smartoptimizer/?$1
<IfModule mod_expires.c>
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*\.(js|css|html?|xml|txt))$ plugins/smartoptimizer/?$1
</IfModule>
</IfModule>
<IfModule !mod_expires.c>
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*\.(gif|jpg|jpeg|png|swf|css|js|html?|xml|txt))$ plugins/smartoptimizer/?$1
</IfModule>
<FilesMatch "\.(gif|jpg|jpeg|png|swf|css|js|html?|xml|txt)$">
FileETag none
</FilesMatch>
#
# If Apache is compiled with built in mod_deflade/GZIP support
# then GZIP Javascript, CSS, HTML and XML so they're sent to
# the client faster.
#
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE application/x-javascript text/css text/html text/xml
</IfModule>
#enabling gzip----------------------------
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
# cache images and flash content for one month
<filesmatch ".(flv|gif|jpg|jpeg|png|ico|swf)$">
Header set Cache-Control "max-age=2592000"
</filesmatch>
# cache text, css, and javascript files for one week
<filesmatch ".(js|css|pdf|txt)$">
Header set Cache-Control "max-age=604800"
</filesmatch>
# cache html and htm files for one day
<filesmatch ".(html|htm)$">
Header set Cache-Control "max-age=43200"
</filesmatch>
# implement minimal caching during site development
<filesmatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)$">
Header set Cache-Control "max-age=5"
</filesmatch>
# explicitly disable caching for scripts and other dynamic files
<filesmatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</filesmatch>
SetEnv APPLICATION_ENV development
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]