[Support request] Header image gone

[urs]

Hy there
WO 5.8.1, GP Plugin 2.1.1, GP premium Theme 3.1.0

Ater upgrading the Theme today to 3.1.0, header image dissapears. No changes in customiser or elsewhere, just update the Tehme. Downloaded original header image from Media to my computer and re-upload using customiser>Backgrund images>Header, no effect. Any other image will work fine, but not the originally used header image (witch is wired). Original header image shows well in customiser preview on the left, but not on the page itself. Did not change anything to the image itself, same hight and length. It is *.jpeg format, as it was allways for many years now.
Try other browser as well, header image is gone. Any recoms?
thanks

[David]

Hi there,

can you share a link to the site where i cans see the issue ?

[urs]

Yeah, shure. Sorry, forgot that ;(
https://www.philippinen-blog.ch
[url=https://postimg.cc/QHMsLXg3][img]https://i.postimg.cc/QHMsLXg3/headerimage.jpg[/img][/url]

[David]

Thats odd – it only seems to fails on Chrome ( ok on Safari and Firefox ).
This is the CSS being generated:

body {
    background-image: url('https://www.philippinen-blog.ch/wp-content/uploads/2017/02/background-1.jpg');
    background-repeat: no-repeat;
    background-size: cover;
    background-attachment: fixed;
}

.site-header {
    background-image: url('https://www.philippinen-blog.ch/wp-content/uploads/2021/10/pbch-header-170307-1024x214-1.jpg');
    background-repeat: no-repeat;
    background-size: cover;
    background-attachment: local;
}

On the site both those imnages are reporting a 403 ( Forbidden ) error. Yet if i go directly to that URL eg.

https://www.philippinen-blog.ch/wp-content/uploads/2021/10/pbch-header-170307-1024x214-1.jpg

then the image is displayed.

403 errors are pain, they are generally related to File Permissions / HTTAccess rules or something server side that is blocking the requests. But if that were the case it should fail when visiting the URL directly.

Any Page Caches or CDNs in place that might need caches clearing ?

[urs]

Nope, no cache Plugins. Handle most in htaccess. But also here: no changes for a long time now…
Btw, Edge is also not showing the image.

———————————————————————-

# Verbietet allen den Zugang zur wp-config
<files wp-config.php>
order allow,deny
deny from all
</files>

# Umleitung von HTTP zu HTTPS von externen zugriffen
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<files wp-login.php>
AuthType Basic
AuthName “!! STAY OUT !!”
AuthUserFile “/home/philippi/public_html/.htpasswd”
Require valid-user
</files>

# Browser Caching aktivieren
ExpiresActive On
ExpiresByType image/jpg “access 1 year”
ExpiresByType image/jpeg “access 1 year”
ExpiresByType image/gif “access 1 year”
ExpiresByType image/png “access 1 year”
ExpiresByType text/css “access 1 month”
ExpiresByType application/pdf “access 1 month”
ExpiresByType text/x-javascript “access 1 month”
ExpiresByType application/x-shockwave-flash “access 1 month”
ExpiresByType image/x-icon “access 1 year”
ExpiresDefault “access 2 days”

# Aktiviert GZIP Komprimierung
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>

#Zugriffe auf .htaccess verhindern
<files ~ “^.*\.([Hh][Tt][Aa])”>
order allow,deny
deny from all
satisfy all
</files>

# No access to the liesmich.html for DE Edition https://blog.seoagentur-hamburg.com/4183/
<Files liesmich.html>
Order Allow,Deny
Deny from all
Satisfy all
</Files>

# Die XML-RPC Datei sperren https://blog.seoagentur-hamburg.com/4183/
#<Files xmlrpc.php>
# Order Deny,Allow
# Deny from all
#</Files>

# Hotlink Protection gegen Bildklau https://blog.seoagentur-hamburg.com/4183/
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain\. [NC]
RewriteRule \.(gif|jpe?g?|png)$ – [F,NC,L]
</ifModule>

# Schutz gegen den ReallyLongRequest Banditen https://blog.seoagentur-hamburg.com/4183/
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} .* [NC]
RewriteCond %{THE_REQUEST} (YesThisIsAReallyLongRequest|ScanningForResearchPurpose) [NC,OR]
RewriteCond %{QUERY_STRING} (YesThisIsAReallyLongRequest|ScanningForResearchPurpose) [NC]
RewriteRule .* – [F,L]
</IfModule>

## No-Referrer-Header https://blog.seoagentur-hamburg.com/4183/
<IfModule mod_headers.c>
Header set Referrer-Policy “no-referrer”
</IfModule>

# Block access to includes folder https://blog.seoagentur-hamburg.com/4183/
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ – [F,L]
RewriteRule !^wp-includes/ – [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ – [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L]
RewriteRule ^wp-includes/theme-compat/ – [F,L]
</IfModule>

# Verhindert das einfache Auslesen von Nutzernamen
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} .*author=(.+.?) [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) /blog/?author= [NC,L,R=301]
RewriteCond %{THE_REQUEST} /readme\.html[?/\s] [NC]
RewriteRule ^ – [R=404,L]

# ———————————————————————-
# | BLOCK NUISANCE REQUESTS – @Update 2019
# https://perishablepress.com/block-nuisance-requests
# ———————————————————————-

<IfModule mod_alias.c>
RedirectMatch 403 (?i)\.php\.suspected
RedirectMatch 403 (?i)apple-app-site-association
RedirectMatch 403 (?i)/autodiscover/autodiscover.xml
</IfModule>

# BEGIN WordPress
# Die Anweisungen (Zeilen) zwischen „BEGIN WordPress“ und „END WordPress“ sind
# dynamisch generiert und sollten nur über WordPress-Filter geändert werden.
# Alle Änderungen an den Anweisungen zwischen diesen Markierungen werden überschrieben.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
—————————————————————————————

[David]

What happens if you temporarily put the HTTacess back to default ?

[urs]

Hmmpf…replacing the htaccess made it back to work. But, where the heck is this entry? AND, why it was working well till i updated GP. There might are some coding issued in the update?

[David]

I can’t see that any changes in the latest update would affect this. The Backgrounds module hasn’t been updated in the last 16months. And the other changes we made I can’t see would interfere with this.

What happens if you put back your old HTTAccess rules ?

[urs]

Sorry, was litte busy. Put back my Rules, and image is gone again. I will now exclude the rules one by one to find the “bad guy”. Will post it here, but will take a while. Its better you close the case. Anyway we know now in general wht’s the issue.
Thanks fro your Time, David

[David]

Let us know how you get on!

[urs]

Found the “bad guy” > see bold text. 2 questionmarks in it…no idea why …but work for me.

# Hotlink Protection gegen Bildklau https://blog.seoagentur-hamburg.com/4183/
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain\. [NC]
RewriteRule \.(gif|jpe?g?|png)$ – [F,NC,L]
</ifModule>

[David]

Well that is peculiar – glad to hear you found a solution!

[Author]

Posts