API tools faq
paste
Advertisement
funtimeben

Safer WordPress .htaccess

funtimeben
May 22nd, 2013
186
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Apache Log 11.33 KB | None | 0 0
raw download clone embed print report
  1. # Block directory browsing
  2. Options All -Indexes
  3.  
  4. # Block access to all standard WordPress files
  5. <files .htaccess>
  6. Order allow,deny
  7. Deny from all
  8. </files>
  9.  
  10. <files readme.html>
  11. Order allow,deny
  12. Deny from all
  13. </files>
  14.  
  15. <files readme.txt>
  16. Order allow,deny
  17. Deny from all
  18. </files>
  19.  
  20. <files install.php>
  21. Order allow,deny
  22. Deny from all
  23. </files>
  24.  
  25. <files wp-config.php>
  26. Order allow,deny
  27. Deny from all
  28. </files>
  29.  
  30. # Added by http://www.htaccesstools.com/test-hotlink-protection/ for anti-hotlinks
  31. RewriteEngine on
  32. RewriteCond %{HTTP_REFERER} !^$
  33. RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?YOUR_WEBSITE_HERE.com [NC]
  34. RewriteRule \.(jpg|jpeg|png|gif|svg)$ - [NC,F,L]
  35.  
  36. # Added by HackRepair.com at 2013-05-22, for Bad Bot protection
  37. # http://pastebin.com/5Hw9KZnW
  38. Options -Indexes
  39. RewriteEngine on
  40. #Block comment spammers, bad bots and some proxies
  41. RewriteCond %{REMOTE_HOST} 12.226.240.248 [OR]
  42. RewriteCond %{REMOTE_HOST} 24.111.102.26 [OR]
  43. RewriteCond %{REMOTE_HOST} 24.117.121.113 [OR]
  44. RewriteCond %{REMOTE_HOST} 65.30.216.140 [OR]
  45. RewriteCond %{REMOTE_HOST} 67.87.64.23 [OR]
  46. RewriteCond %{REMOTE_HOST} 68.12.149.198 [OR]
  47. RewriteCond %{REMOTE_HOST} 69.139.167.203 [OR]
  48. RewriteCond %{REMOTE_HOST} 74.95.182.57 [OR]
  49. RewriteCond %{REMOTE_HOST} 91.121.3.29 [OR]
  50. RewriteCond %{REMOTE_HOST} 203.94.229.227 [OR]
  51. RewriteCond %{REMOTE_HOST} 208.96.122.142 [OR]
  52. RewriteCond %{REMOTE_HOST} 210.0.141.247 [OR]
  53. RewriteCond %{REMOTE_HOST} 210.197.97.67 [OR]
  54. RewriteCond %{REMOTE_HOST} 212.179.127.188 [OR]
  55. RewriteCond %{REMOTE_HOST} 216.246.60.183 [OR]
  56. RewriteCond %{REMOTE_HOST} 220.156.189.233 [OR]
  57. RewriteCond %{REMOTE_HOST} 222.36.12.42 [OR]
  58. # Abuse Agent Blocking
  59. RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
  60. RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR]
  61. RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR]
  62. RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR]
  63. RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
  64. RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
  65. RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR]
  66. RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR]
  67. RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
  68. RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR]
  69. RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
  70. RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
  71. RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR]
  72. RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
  73. RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
  74. RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
  75. RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
  76. RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
  77. RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
  78. RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
  79. RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
  80. RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
  81. RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
  82. RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
  83. RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
  84. RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
  85. RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
  86. RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR]
  87. RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR]
  88. RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
  89. RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR]
  90. RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
  91. RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR]
  92. RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR]
  93. RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR]
  94. RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR]
  95. RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
  96. RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
  97. RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
  98. RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
  99. RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
  100. RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR]
  101. RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR]
  102. RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR]
  103. RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
  104. RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
  105. RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
  106. RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
  107. RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
  108. RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
  109. RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
  110. RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
  111. RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
  112. RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]
  113. RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR]
  114. RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
  115. RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR]
  116. RewriteCond %{HTTP_USER_AGENT} MFC_Tear_Sample [NC,OR]
  117. RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR]
  118. RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR]
  119. RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
  120. RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
  121. RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR]
  122. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR]
  123. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR]
  124. RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR]
  125. RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
  126. RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
  127. RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
  128. RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
  129. RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
  130. RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
  131. RewriteCond %{HTTP_USER_AGENT} ^Nutch [NC,OR]
  132. RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
  133. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
  134. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
  135. RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
  136. RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR]
  137. RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
  138. RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
  139. RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR]
  140. RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR]
  141. RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
  142. RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR]
  143. RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR]
  144. RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
  145. RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
  146. RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
  147. RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR]
  148. RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR]
  149. RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR]
  150. RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR]
  151. RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
  152. RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
  153. RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR]
  154. RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR]
  155. RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
  156. RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
  157. RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
  158. RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
  159. RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
  160. RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR]
  161. RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR]
  162. RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR]
  163. RewriteCond %{HTTP_USER_AGENT} User-Agent [NC,OR]
  164. RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
  165. RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
  166. RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
  167. RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR]
  168. RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR]
  169. RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
  170. RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
  171. RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR]
  172. RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
  173. RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
  174. RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
  175. RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
  176. RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
  177. RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
  178. RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
  179. RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
  180. RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
  181. RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
  182. RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
  183. RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR]
  184. RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR]
  185. RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
  186. RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
  187. RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR]
  188. RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
  189. RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
  190. RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR]
  191. RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR]
  192. RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
  193. RewriteCond %{HTTP_USER_AGENT} ^Zeus\.*Webster [NC,OR]
  194. RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC]
  195. RewriteRule ^.* - [F,L]
  196. # Abuse bot blocking rule end
  197. order allow,deny
  198. allow from all
  199. # Start Custom Blocks
  200. # Bluecoat
  201. deny from 8.21.4.254
  202. deny from 65.46.48.192/30
  203. deny from 65.160.238.176/28
  204. deny from 85.92.222.0/24
  205. deny from 206.51.36.0/22
  206. deny from 216.52.23.0/24
  207. # cyveillance (already blocked 38.*)
  208. deny from 38.100.19.8/29
  209. deny from 38.100.21.0/24
  210. deny from 38.100.41.64/26
  211. deny from 38.105.71.0/25
  212. deny from 38.105.83.0/27
  213. deny from 38.112.21.140/30
  214. deny from 38.118.42.32/29
  215. deny from 65.213.208.128/27
  216. deny from 65.222.176.96/27
  217. deny from 65.222.185.72/29
  218. # Cyberpatrol
  219. deny from 38.103.17.160/27
  220. # Internet Identity - Anti-Phishing
  221. deny from 66.113.96.0/20
  222. deny from 70.35.113.192/27
  223. # Ironport
  224. deny from 204.15.80.0/22
  225. # Lightspeed Systems Security
  226. deny from 66.17.15.128/26
  227. deny from 69.84.207.32/27
  228. deny from 69.84.207.128/25
  229. # Layered Technologies
  230. deny from 72.36.128.0/17
  231. deny from 72.232.0.0/16
  232. deny from 72.233.0.0/17
  233. deny from 216.32.0.0/14
  234. # M86
  235. deny from 67.192.231.224/29
  236. deny from 208.90.236.0/22
  237. # McAfee-Secure-Computing
  238. deny from 69.48.241.64/26
  239. deny from 80.66.0.0/19
  240. deny from 192.55.214.0/24
  241. deny from 207.67.117.0/24
  242. # Phish-Inspector.com
  243. deny from 209.147.127.208/28
  244. # Prescient Software, Inc. Phishmongers
  245. deny from 198.186.190.0/23
  246. deny from 198.186.192.0/23
  247. deny from 198.186.194.0/24
  248. # urlfilterdb
  249. deny from 207.210.99.32/29
  250. # websense-in.car1.sandiego1.level3.net
  251. deny from 4.53.120.22
  252. # Websense
  253. deny from 66.194.6.0/24
  254. deny from 67.117.201.128/28
  255. deny from 69.67.32.0/20
  256. deny from 131.191.87.0/24
  257. deny from 204.15.64.0/21
  258. deny from 208.80.192.0/21
  259. deny from 212.62.26.64/27
  260. deny from 213.168.226.0/24
  261. deny from 213.168.241.0/30
  262. deny from 213.168.242.0/30
  263. deny from 213.236.150.16/28
  264. # Yandex
  265. deny from 77.88.0.0/18
  266. deny from 77.88.22.0/23
  267. deny from 77.88.24.0/21
  268. deny from 77.88.24.0/22
  269. deny from 77.88.28.0/22
  270. deny from 77.88.36.0/23
  271. deny from 77.88.42.0/23
  272. deny from 77.88.44.0/24
  273. deny from 77.88.50.0/23
  274. deny from 87.250.224.0/19
  275. deny from 87.250.230.0/23
  276. deny from 87.250.252.0/22
  277. deny from 93.158.128.0/18
  278. deny from 93.158.137.0/24
  279. deny from 93.158.144.0/21
  280. deny from 93.158.144.0/23
  281. deny from 93.158.146.0/23
  282. deny from 93.158.148.0/22
  283. deny from 95.108.128.0/17
  284. deny from 95.108.128.0/24
  285. deny from 95.108.152.0/22
  286. deny from 95.108.216.0/23
  287. deny from 95.108.240.0/21
  288. deny from 95.108.248.0/23
  289. deny from 178.154.128.0/17
  290. deny from 178.154.160.0/22
  291. deny from 178.154.164.0/23
  292. deny from 199.36.240.0/22
  293. deny from 213.180.192.0/19
  294. deny from 213.180.204.0/24
  295. deny from 213.180.206.0/23
  296. deny from 213.180.209.0/24
  297. deny from 213.180.218.0/23
  298. deny from 213.180.220.0/23
  299. # End Custom Blocks. Add a couple line breaks below this as well.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!