12AX7 on "[Plugin: All In One WP Security & Firewall] Does is plugin change my .htaccess on every update?"

I haven't had a chance to re-confirm it but I had a feeling your plugin changes:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

to

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

everytime it updates. Is that possible or would the reason for that lie somewhere else?

https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

Hi,

Any content between "# BEGIN WordPress" and "# END WordPress" in .htaccess file is maintained by WordPress core, so the changes you are experiencing are caused by WordPress itself, not by the plugin!

You should add your custom rules outside this block. Given that you want force SSL on your site, then I would recommend to put them above "# BEGIN WordPress" line.

Cheers,
Česlav

Ah, that's good to know. Thank you.

For anyone interested, my new .htaccess looks like this:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Thanks for your super quick response!