403 errors when accessing some images on mobile

  • Resolved caramaple

    (@caramaple)


    1 month, 4 weeks ago

    Hello,

    I’m using All In One Security (AIOS) on my WordPress website and experiencing an issue with image access from mobile devices.

    The Problem:

    • A PNG image from the WordPress Media Library loads correctly on desktop devices
    • On mobile devices (smartphone), I get a 403 Forbidden error for the same image
    • When I completely deactivate AIOS, the image works fine on mobile devices as well

    What I’ve Already Tested: I’ve tried deactivating various AIOS settings individually to identify the cause:

    • User Agent blocking
    • “Block Fake Googlebots”
    • “Enable Basic Firewall Protection”

    Unfortunately, I haven’t been able to determine which specific AIOS setting is blocking mobile access to images.

    My Question: Which AIOS setting or firewall rule might be causing mobile devices to receive 403 errors when accessing images? Are there any known settings that treat mobile user agents differently than desktop browsers?

    Any help would be greatly appreciated!

    • This topic was modified 1 month, 4 weeks ago by caramaple.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 month, 4 weeks ago

    Hi @caramaple,

    This seems strange issue where in mobile AIOS fires 403 forbidden for an image. Generally, there is no such direct rule. Please try to check if any of the following settings are enabled. If yes, try disabling that.

    1) AIOS > File security > File protection – Prevent hotlinking tab – Prevent image hotlinking should be disabled.
    2) Deny bad query string – AIOS > Firewall > PHP rules tab. URL Security – Deny bad query strings: uncheck the checkbox and save
    3) Advanced char filter – AIOS > Firewall > PHP rules tab. – String filtering Enable advanced character string filter :uncheck the checkbox and save
    4) 6g firewall rules – AIOS > Firewall > PHP rules tab – nG firewall – Enable 6G firewall rules – uncheck the checkbox and save
    5) 5g firewall rules – AIOS > Firewall > 5G Legacy firewall rules tab. Enable legacy 5G firewall protection, uncheck the checkbox and save. ( This tab will be visible only if the future is enabled in past. It is deprecated in recent AIOS versions.)

    Regards

    Thread Starter caramaple

    (@caramaple)

    1 month, 4 weeks ago

    Thanks so much for your quick and detailed feedback!

    2) to 4) are all unchecked;
    1) is enabled and if I try to disable I get the following message: “Disable PHP file editing failed: Die Datei wp-config.php konnte nicht geändert oder gesichert werden.” Translation: “Disable PHP file editing failed: The wp-config.php file could not be modified or backed up.”

    Could this be the issue? Thanks!

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 month, 4 weeks ago

    Hi @caramaple,

    You might have “Disable PHP file editing” enabled, and the wp-config.php file may not have the necessary permissions to be edited. You’ll need to set the correct permissions and change the file’s ownership to make it writable. If this is too technical, please contact your hosting provider.

    If you have file manager access, please remove from the .htaccess file, code between the lines and save ( save that code to re-add later) and check if it solves the image-related issue and let me know.

    #AIOWPS_PREVENT_IMAGE_HOTLINKS_START and #AIOWPS_PREVENT_IMAGE_HOTLINKS_END

    Regards

Viewing 3 replies - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.