htaccess

1.  
2. # BEGIN Better WP Security
3. Options -Indexes
4.  
5. # Begin HackRepair.com Blacklist
6. RewriteEngine on
7. #Block comment spammers, bad bots and some proxies
8. RewriteCond %{REMOTE_HOST} 12.226.240.248 [OR]
9. RewriteCond %{REMOTE_HOST} 24.111.102.26 [OR]
10. RewriteCond %{REMOTE_HOST} 24.117.121.113 [OR]
11. RewriteCond %{REMOTE_HOST} 65.30.216.140 [OR]
12. RewriteCond %{REMOTE_HOST} 67.87.64.23 [OR]
13. RewriteCond %{REMOTE_HOST} 68.12.149.198 [OR]
14. RewriteCond %{REMOTE_HOST} 69.139.167.203 [OR]
15. RewriteCond %{REMOTE_HOST} 74.95.182.57 [OR]
16. RewriteCond %{REMOTE_HOST} 91.121.3.29 [OR]
17. RewriteCond %{REMOTE_HOST} 203.94.229.227 [OR]
18. RewriteCond %{REMOTE_HOST} 208.96.122.142 [OR]
19. RewriteCond %{REMOTE_HOST} 210.0.141.247 [OR]
20. RewriteCond %{REMOTE_HOST} 210.197.97.67 [OR]
21. RewriteCond %{REMOTE_HOST} 212.179.127.188 [OR]
22. RewriteCond %{REMOTE_HOST} 216.246.60.183 [OR]
23. RewriteCond %{REMOTE_HOST} 220.156.189.233 [OR]
24. RewriteCond %{REMOTE_HOST} 222.36.12.42 [OR]
25. # Abuse Agent Blocking
26. RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
27. RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR]
28. RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR]
29. RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR]
30. RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
31. RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
32. RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR]
33. RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR]
34. RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
35. RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR]
36. RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
37. RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
38. RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR]
39. RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
40. RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
41. RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
42. RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
43. RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
44. RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
45. RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
46. RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
47. RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
48. RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
49. RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
50. RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
51. RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
52. RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
53. RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR]
54. RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR]
55. RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
56. RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR]
57. RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
58. RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR]
59. RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR]
60. RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR]
61. RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR]
62. RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
63. RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
64. RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
65. RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
66. RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
67. RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR]
68. RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR]
69. RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR]
70. RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
71. RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
72. RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
73. RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
74. RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
75. RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
76. RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
77. RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
78. RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
79. RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]
80. RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR]
81. RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
82. RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR]
83. RewriteCond %{HTTP_USER_AGENT} MFC_Tear_Sample [NC,OR]
84. RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR]
85. RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR]
86. RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
87. RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
88. RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR]
89. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR]
90. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR]
91. RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR]
92. RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
93. RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
94. RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
95. RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
96. RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
97. RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
98. RewriteCond %{HTTP_USER_AGENT} ^Nutch [NC,OR]
99. RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
100. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
101. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
102. RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
103. RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR]
104. RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
105. RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
106. RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR]
107. RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR]
108. RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
109. RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR]
110. RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR]
111. RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
112. RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
113. RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
114. RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR]
115. RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR]
116. RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR]
117. RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR]
118. RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
119. RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
120. RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR]
121. RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR]
122. RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
123. RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
124. RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
125. RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
126. RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
127. RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR]
128. RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR]
129. RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR]
130. RewriteCond %{HTTP_USER_AGENT} User-Agent [NC,OR]
131. RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
132. RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
133. RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
134. RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR]
135. RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR]
136. RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
137. RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
138. RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR]
139. RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
140. RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
141. RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
142. RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
143. RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
144. RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
145. RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
146. RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
147. RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
148. RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
149. RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
150. RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR]
151. RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR]
152. RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
153. RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
154. RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR]
155. RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
156. RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
157. RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR]
158. RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR]
159. RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
160. RewriteCond %{HTTP_USER_AGENT} ^Zeus\.*Webster [NC,OR]
161. RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC]
162. RewriteRule ^.* - [F,L]
163. # Abuse bot blocking rule end
164. order allow,deny
165. allow from all
166. # Start Custom Blocks
167. # Bluecoat
168. deny from 8.21.4.254
169. deny from 65.46.48.192/30
170. deny from 65.160.238.176/28
171. deny from 85.92.222.0/24
172. deny from 206.51.36.0/22
173. deny from 216.52.23.0/24
174. # cyveillance (already blocked 38.*)
175. deny from 38.100.19.8/29
176. deny from 38.100.21.0/24
177. deny from 38.100.41.64/26
178. deny from 38.105.71.0/25
179. deny from 38.105.83.0/27
180. deny from 38.112.21.140/30
181. deny from 38.118.42.32/29
182. deny from 65.213.208.128/27
183. deny from 65.222.176.96/27
184. deny from 65.222.185.72/29
185. # Cyberpatrol
186. deny from 38.103.17.160/27
187. # Internet Identity - Anti-Phishing
188. deny from 66.113.96.0/20
189. deny from 70.35.113.192/27
190. # Ironport
191. deny from 204.15.80.0/22
192. # Lightspeed Systems Security
193. deny from 66.17.15.128/26
194. deny from 69.84.207.32/27
195. deny from 69.84.207.128/25
196. # Layered Technologies
197. deny from 72.36.128.0/17
198. deny from 72.232.0.0/16
199. deny from 72.233.0.0/17
200. deny from 216.32.0.0/14
201. # M86
202. deny from 67.192.231.224/29
203. deny from 208.90.236.0/22
204. # McAfee-Secure-Computing
205. deny from 69.48.241.64/26
206. deny from 80.66.0.0/19
207. deny from 192.55.214.0/24
208. deny from 207.67.117.0/24
209. # Phish-Inspector.com
210. deny from 209.147.127.208/28
211. # Prescient Software, Inc. Phishmongers
212. deny from 198.186.190.0/23
213. deny from 198.186.192.0/23
214. deny from 198.186.194.0/24
215. # PSI network
216. deny from 38.0.0.0/8
217. # urlfilterdb
218. deny from 207.210.99.32/29
219. # websense-in.car1.sandiego1.level3.net
220. deny from 4.53.120.22
221. # Websense
222. deny from 66.194.6.0/24
223. deny from 67.117.201.128/28
224. deny from 69.67.32.0/20
225. deny from 131.191.87.0/24
226. deny from 204.15.64.0/21
227. deny from 208.80.192.0/21
228. deny from 212.62.26.64/27
229. deny from 213.168.226.0/24
230. deny from 213.168.241.0/30
231. deny from 213.168.242.0/30
232. deny from 213.236.150.16/28
233. # Yandex
234. deny from 77.88.0.0/18
235. deny from 77.88.22.0/23
236. deny from 77.88.24.0/21
237. deny from 77.88.24.0/22
238. deny from 77.88.28.0/22
239. deny from 77.88.36.0/23
240. deny from 77.88.42.0/23
241. deny from 77.88.44.0/24
242. deny from 77.88.50.0/23
243. deny from 87.250.224.0/19
244. deny from 87.250.230.0/23
245. deny from 87.250.252.0/22
246. deny from 93.158.128.0/18
247. deny from 93.158.137.0/24
248. deny from 93.158.144.0/21
249. deny from 93.158.144.0/23
250. deny from 93.158.146.0/23
251. deny from 93.158.148.0/22
252. deny from 95.108.128.0/17
253. deny from 95.108.128.0/24
254. deny from 95.108.152.0/22
255. deny from 95.108.216.0/23
256. deny from 95.108.240.0/21
257. deny from 95.108.248.0/23
258. deny from 178.154.128.0/17
259. deny from 178.154.160.0/22
260. deny from 178.154.164.0/23
261. deny from 199.36.240.0/22
262. deny from 213.180.192.0/19
263. deny from 213.180.204.0/24
264. deny from 213.180.206.0/23
265. deny from 213.180.209.0/24
266. deny from 213.180.218.0/23
267. deny from 213.180.220.0/23
268. # End HackRepair.com Blacklist
269.  
270. Order allow,deny
271. Allow from all
272. Deny from 195.190.13.26
273. Deny from 91.207.7.110
274. Deny from 91.207.6.18
275. Deny from 195.190.13.26
276.  
277. <files .htaccess>
278. Order allow,deny
279. Deny from all
280. </files>
281.  
282. <files readme.html>
283. Order allow,deny
284. Deny from all
285. </files>
286.  
287. <files readme.txt>
288. Order allow,deny
289. Deny from all
290. </files>
291.  
292. <files install.php>
293. Order allow,deny
294. Deny from all
295. </files>
296.  
297. <files wp-config.php>
298. Order allow,deny
299. Deny from all
300. </files>
301.  
302. <IfModule mod_rewrite.c>
303. RewriteEngine On
304.  
305. RewriteRule ^wp-admin/includes/ - [F,L]
306. RewriteRule !^wp-includes/ - [S=3]
307. RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
308. RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
309. RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
310. RewriteRule ^wp-includes/theme-compat/ - [F,L]
311.  
312. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
313. RewriteRule ^(.*)$ - [F,L]
314.  
315. RewriteCond %{REQUEST_METHOD} POST
316. RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
317. RewriteCond %{HTTP_REFERER} !^(.*)telecomreseller.com.* [OR]
318. RewriteCond %{HTTP_USER_AGENT} ^$
319. RewriteRule ^(.*)$ - [F,L]
320.  
321. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
322. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
323. RewriteCond %{QUERY_STRING} tag\= [NC,OR]
324. RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
325. RewriteCond %{QUERY_STRING} http\: [NC,OR]
326. RewriteCond %{QUERY_STRING} https\: [NC,OR]
327. RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
328. RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
329. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
330. RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
331. RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
332. RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
333. RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
334. RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
335. RewriteCond %{QUERY_STRING} ^.*(request|select|concat|insert|union|declare).* [NC]
336. RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
337. RewriteRule ^(.*)$ - [F,L]
338.  
339. </IfModule>
340.  
341. # END Better WP Security
342.  
343. # BEGIN PHP 5.3 Setting
344. <FilesMatch \.php$>
345. SetHandler php53-cgi
346. </FilesMatch>
347. # END PHP 5.3 Setting
348.  
349. # BEGIN WordPress
350. <IfModule mod_rewrite.c>
351. RewriteEngine On
352. RewriteBase /
353. RewriteRule ^index\.php$ - [L]
354. RewriteCond %{REQUEST_FILENAME} !-f
355. RewriteCond %{REQUEST_FILENAME} !-d
356. RewriteRule . /index.php [L]
357. </IfModule>
358.  
359. # END WordPress