Not a bug Add image to post not working

[RaptureForums]

Affected version

XF 2.2.2

Hi,
I updated to XF 2.2.2 last night and today when I tried to add an image to a post I get the following message when clicking to add the image and posting from URL instead of upload:

"Image can't be loaded from the passed link"

The image is from my WP part of my site and the image is in the media gallery. I've always added images like this and it worked. Until today.

Thank you.

P.S. I get the same error message when I tried to add it here, too.

 

[Paul B]

What is the URL of the image?

How are you trying to add it to the post?

 

[RaptureForums]

This is the URL of the image. https://www.raptureforums.com/wp-content/uploads/2020/12/pambondi2.jpg

I am making a post, click the insert image button, click on URL, and paste in the image URL. Then when I click the submit button the error message comes up.

 

[Paul B]

This is what I see when I click on that link.

The owner of this website (www.raptureforums.com) does not allow hotlinking to that resource (/wp-content/uploads/2020/12/pambondi2.jpg).

That is something you have explicitly prohibited.

 

[RaptureForums]

Is that a setting I enabled back in the forums control panel? If so, where would it be located so I can remove it?

Thank you and I am sorry for the trouble.

 

[Paul B]

It's a server setting.

 

[RaptureForums]

It's a server setting.

Ok, I will ask my host about that. Thank you.

 

[RaptureForums]

Hi,
I was looking around on my server in the admin area and couldn't find anything in WHM about hotlinking, so I looked in cPanel and found the hotlink protection listing in the "security" area. It turns out that it was not enabled. So, I begin to wonder about Cloudflare since I use that and found that the "scrape shield" hotlink protection setting was turned on. I turned it off and now the image works when I try to use it in a post. I'm sorry I did not specify that I was using Cloudflare.

Anyway, thank you for your help with that. Looking at the "scrape shield" in Cloudflare it does not provide an area that I could see to "whitelist" allowed URLs such as my site domain if you want to do what I was trying to do. However, it looks like in the "security" area of cPanel that it does allow me to list URLS that are allow access. It has defaulted my site domain with the http and https variants. So, I'm guessing that maybe instead of using Cloudflare for hotlink protection that maybe I should use the built in cPanel hotlink protection so I can use my images on the forums? Do you think that is a better idea or is there some specific reason I should leave hotlink protection on at Cloudflare?

Do you have any advice or opinion?

Thank you again for your help.

 

[VersoBit]

As per the Cloudflare documentation: https://support.cloudflare.com/hc/e...6-Understanding-Cloudflare-Hotlink-Protection

You can do a few different things to implement the hotlink-ok folder:
1. Create a folder in the WordPress root called hotlink-ok and inside of the folder create a symbolic link to the folders you need access to. (i.e. wp-content)
2. Use Apache or Nginx to create an alias folder.

Either way, this is the easiest way to retain cloudflare's hotlink protection.

 

[RaptureForums]

Thank you.