开发者 | samuelaguilera |
---|---|
更新时间 | 2020年4月11日 02:33 |
捐献地址: | 去捐款 |
PHP版本: | 3.9.2 及以上 |
WordPress版本: | 5.4 |
版权: | GPL3 |
wp-content/plugins/
directory of your WordPress installation (or install it directly from your dashboard) and then activate it from Plugins page.If you use a plugin like Wordfence Security, or any other security plugin that gives you similar functionality (these that writes rules to .htaccess), you should not be using this plugin or another security plugin. Using more than one security plugin at once can give you unexpected results. Anyway, SAR One Click Security is a pretty friendly plugin, it adds his security rules without interfering in any other existing content in your .htacces file. In fact I'm using SAR One Click Security + All In One WP Security & Firewall in some sites that I manage. So technically you can do it if you know what you're doing, but if you do you're at your own risk. No support for problems due to the use of another security plugin together with this one.
The plugin doesn't touch any of the current content of your .htaccess file, it only adds its own rules when you activate it, and removes its own rules when you deactivate it.
Yes. If you install this plugin in another server rather than Apache (nginx, IIS, etc...) the plugin only will show a notice in your WordPress admin dashboard, no modifications will be made.
Yes. But you must add the following line to your wp-config.php file BEFORE activating the plugin.
define('SAR_ALLOW_TIMTHUMB', '');
That will allow you to use all features of the plugin excerpt for the TimThumb blocking rule.
If you activated the plugin before inserting the above line in your wp-config.php file, simply deactivate/activate the plugin to allow access for timthumb.php and thumb.php (another file name used for TimThumb).
And if you want to turn off TimThumb support, simply remove the previous mentioned line and deactivate/activate the plugin.
If you get an error 500 page after activating the plugin this can be for one of the following reasons: A) Your hosting provider doesn't allow you to set some (or any) settings from your .htaccess B) Your site is hosted on an Apache 2.2.x server. This branch of Apache reached its EOL on 2018-01-01 and therefore it's not supported anymore. If your hosting is still server your site with such an old version of Apache, I would recommend you to move to a better hosting ASAP. In any case, you can manually uninstall the plugin's .htacces rules by opening your favorite FTP client and removing all content between # BEGIN SAR One Click Security and # END SAR One Click Security in your .htaccess file located in the root directory of your WordPress installation. And doing the same in the .htaccess file located in the wp-content dir (or deleting the file if no more content on it).