Support

In order to get image previews working in moodle (tinymce), what worked for the person in ticket #16666 didn't work for me. Instead, I had to move the following:

##### Advanced server protection rules exceptions -- BEGIN
RewriteRule ^administrator\/components\/com_akeeba\/restore\.php$ - [L]
RewriteRule ^administrator\/components\/com_admintools\/restore\.php$ - [L]
RewriteRule ^administrator\/components\/com_joomlaupdate\/restore\.php$ - [L]
RewriteRule ^components\/com_joomdle\/views\/wrapper\/getout\.php$ - [L]
RewriteRule ^moodle/ - [L]
##### Advanced server protection rules exceptions -- END

...up above this part:

##### File injection protection -- BEGIN
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
##### File injection protection -- END

I'm not sure if that order is how Admin Tools should be set up by default, but thought I'd let you know.

The issue is that when I put 'moodle' into the 'Allow direct access, including .php files, to these directories', the resulting rewrite is placed below the 'File injection protection' section of the htaccess file, which means image previews don't work in moodle (tinymce).

But if I manually move the rewrite ( RewriteRule ^moodle/ - [L] ) up above the 'File injection protection' section, all is well (I've learned that I don't have to move the other rewrites - just the moodle one).

So that's why I was saying that, at least for my setup, Admin Tools puts things in the wrong order in htaccess. The file injection projection needs to come after my moodle rewrite.

Thanks!

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.