There’s a critical security breach in Revolution Slider, a plugin for WordPress. It works by accessing a certain URL that lets you download the config files, e.g.
www.domain.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
I’ve been trying to make a rewrite condition so that URL wouldn’t be accessible anymore. This is what I have now in my .htaccess file:
RewriteEngine on
RewriteCond %{QUERY_STRING} ^action=revslider_show_image&img=(&.*)?$ [NC]
RewriteRule ^wp-admin/admin-ajax.php$ /?%1 [R=301,NE,NC,L]
but it doesn’t work. I’m not very familiar with rewrites; any suggestions on what I’m doing wrong here?
Instead of redirecting to the protected file, you should forbid it (with the F flag, equivalent to 403). Also, you have an error in your condition’s pattern.
Put this code in your htaccess before WordPress’ main rule
Justin’s answer will work and directly answers your “how do I” question, BUT…
This will prevent Rev Slider from working entirely, since you’re forbidding the ajax call which is used to get and display an image.
I know you’re looking for a quick fix until you get the plugin updated (which I did confirm myself today, patching to 4.6 works just fine), but be careful about HOW you’re doing it. The best thing for you to do is update the plugin, not to implement this.
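Drawing on both answers, the following is an added example (not Justin’s code from the thread, nor the original poster’s) of a 403-returning rule that refuses only img= values containing a directory traversal or pointing at a PHP file, so ordinary image requests to the slider keep working. It assumes Apache 2.x with mod_rewrite and .htaccess overrides enabled.

```apache
# Added example, not from the original thread. Assumes mod_rewrite is loaded
# and AllowOverride permits rewrite directives in this .htaccess.
# Place this above the "# BEGIN WordPress" block so it is evaluated first.
RewriteEngine On

# Condition 1: only the vulnerable action. The (^|&) and (&|$) anchors stop
# the pattern from matching other action names that merely contain this text.
RewriteCond %{QUERY_STRING} (^|&)action=revslider_show_image(&|$) [NC]

# Condition 2 (OR 3): img= contains a parent-directory traversal, or names a
# PHP file. QUERY_STRING is matched before percent-decoding, so the encoded
# forms of "." "/" and "\" are listed beside the literal ones. NC makes the
# hex digits case-insensitive. Legitimate image paths match neither condition.
RewriteCond %{QUERY_STRING} (^|&)img=[^&]*(\.|%2e)(\.|%2e)(/|%2f|\\|%5c) [NC,OR]
RewriteCond %{QUERY_STRING} (^|&)img=[^&]*(\.|%2e)php [NC]

# Conditions evaluate as 1 AND (2 OR 3). Return 403 rather than redirecting;
# "-" leaves the URL unchanged and F implies L, so processing stops here.
RewriteRule ^wp-admin/admin-ajax\.php$ - [F]
```

Test it with a normal slider image request (should still return the image) and with a traversal in img= (should return 403); as the second answer says, this remains a stopgap until the plugin is updated.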