Forum Replies Created
-
Posts
-
Hi there,
I have investigated a bit more. It seems that the formation of the download path is triggering firewalls. When I first reported this, I was using Sucuri and no other firewall, and the blockage was triggered for pdfs but not jpgs. Currently I am using Cloudflare WAF proxy and 7G Firewall on the server itself. The problem does not trigger Cloudflare, but it does trigger 7G.
The request is apparently breaking rule 24 of the bad_request ruleset. It looks like it is picking up on the word “confirmed” in the path thinking it is “conf”.
So while I can fix this for myself with a rule customisation, I’d suggest you rename /confirmed/ if you do not want to cause problems for other people using firewalls.
I also have another problem with the thumbnails, which is that they increase Spamassassin score for Woocommerce transactional emails if they contain images, so it would be much better if we could just have a download link instead.
Specifically, when attaching non-image files, the thumbnail file is just named “file.png”, which might be what is triggering HTML_SHORT_LINK_IMG_1. But generally, it would be better for transactional emails to have no images, in order to have maximum deliverability.
Thank you.
