im using a payment method (mercadopago) for woocommerce in wordpress which needs to send notifications from outside my server.
Also im using the "ithemes security plugin" which uses an important blacklist from http://pastebin.com/5Hw9KZnW. This list starts like this:
# Begin HackRepair.com Blacklist
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
etc.
RewriteRule ^.* - [F,L]
# End HackRepair.com Blacklist
But ithemes security blocks the notifications because the sender dont have a user agent specified. And nor the admin nor the client receive the payment notification emails.
The only temporal solution i´ve found was commenting this line in the .htaccess file.
# RewriteCond %{HTTP_USER_AGENT} ^$ [NC,OR]
Then the notifications work ok. The problem is that after i save options in the plugin, it regenerates the blacklist and the # is gone.
Is there a way to add a rule outside the ithemes Security code in the htaccess, so it will override the original rule? Or maybe create some kind of whitelist rule for that, so after saving the ithemes options its not removed?
Thank you!!
You can whitelist it like this (must add this before the # Begin HackRepair.com Blacklist line:
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule ^ - [L]