2. Home
  4. FAQ
  6. Ajax search known conflicts with Security plugins

Ajax search known conflicts with Security plugins

iThemes Security Pro

Solution 1.

Please go to Dashboard -> Security -> Settings -> Advanced -> SYSTEM TWEAKS -> uncheck Disable PHP in Plugins

Solution 2. ( Recommended )

Add the following code snippet to your functions.php or in the CodeSnippets plugin.

function woostify_itsec_config( $modification ) {
    $modification = str_replace( 'RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]', 'RewriteRule ^wp\-content/plugins/(?!woostify\-pro/modules/woocommerce/ajax\-product\-search/includes/search\.php).*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]', $modification );

}
add_filter( 'itsec_filter_apache_server_config_modification', 'woostify_itsec_config', PHP_INT_MAX - 5 );

afterward go to Dashboard -> Security -> Settings -> Advanced -> SYSTEM TWEAKS -> check Disable PHP in Plugins and save

Sucuri Security

– Please login to Sucuri panel https://login.sucuri.net

– Go to the Firewall tab

– In your site, Find section Access Control -> Allow URL Paths

– Add the Allow URL Paths: wp-content/plugins/woostify-pro/modules/woocommerce/ajax-product-search/includes/search.php

Apache Server

Try to check manually if you have security rules added to e.g. .htaccess in following paths:
.htaccess

please add

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteRule ^wp\-content/plugins/(?!woostify\-pro/modules/woocommerce/ajax\-product\-search/includes/search\.php).*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
</IfModule>

WP Defender

Go to Defender -> Recommendations -> Actioned -> Prevent PHP execution and add following file as exception.

search.php

NGINX Server

Some nginx configuration may block executing PHP files included directly in the plugins directory. There is no one solution. It depends on your NGINX configuration. We recommend contact your hosting provider and ask to allow to execute the following file:

https://your-domain.com/wp-content/plugins/woostify-pro/modules/woocommerce/ajax-product-search/includes/search.php

  1. Adding extra rules to /usr/local/nginx/conf/wpsecure_${vhostname}.conf or etc/nginx/{vhostname}.conf
# Whitelist Exception for ajax search
location ~ ^/wp-content/plugins/woostify-pro/modules/woocommerce/ajax-product-search/includes/ {
  include /usr/local/nginx/conf/php.conf;
}

Was this article helpful to you? No 1 Yes 2

How can we help?