I have this inserted in my htaccess file on a WordPress installation
RewriteRule wp-content/plugins/(.*\.php)$ - [R=404,L]
I am using LSCWP and I want to try the guest mode.
For that I need access to this file that is located in
wp-content/plugins/litespeed-cache/guest.vary.php
I like to run the site as tight as possible, how can I modify the rewrite rule to somehow allow the execution of the "guest.vary.php" file in the litespeed cache directory?
So far, I have only tried removing the rewrite rule and that did work but it leaves the wp content directory vulnerable to code execution.
Put a RewriteCond before the rule, that checks the REQUEST_URI is not that particular path.
RewriteCond %{REQUEST_URI} !=/wp-content/plugins/litespeed-cache/guest.vary.php
RewriteRule wp-content/plugins/(.*\.php)$ - [R=404,L]