Put the following directives in your
server block. nginx will then redirect URLs with double (or triple or multiple) slashes to the corresponding URL with a single slash.
merge_slashes off; rewrite ^(.*?)//+(.*?)$ $1/$2 permanent;
The User Control plugin gives administrators the possibility to disable user accounts in WordPress. Users whose accounts have been disabled cannot sign in to WordPress anymore. Unfortunately, the plugin has some serious vulnerabilites which anyone can use to perform SQL queries on the WordPress SQL database.
The plugin has been removed from the official WordPress plugin repository. If this plugin is installed on your WordPress installation, you should remove it ASAP.
The plugin contains the following code which is executed on every pageload:
I am running a WordPress multisite network with sub-directory setup. When I check my error.log file, it is full of entries like this one:
Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'Limit InternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
The problem was, in my case, one specific rewrite rule in the .htaccess file.
I hereby claim:
To claim this, I am signing this object: