API tools faq
paste
Advertisement
willysec_id

Wordpress .htaccess Security

willysec_id
Jul 25th, 2023
180
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.53 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. # BEGIN iThemes Security - Do not modify or remove this line
  2. # iThemes Security Config Details: 2
  3. # Protect System Files - Security > Settings > System Tweaks > System Files
  4. <files .htaccess>
  5. <IfModule mod_authz_core.c>
  6. Require all denied
  7. </IfModule>
  8. <IfModule !mod_authz_core.c>
  9. Order allow,deny
  10. Deny from all
  11. </IfModule>
  12. </files>
  13. <files readme.html>
  14. <IfModule mod_authz_core.c>
  15. Require all denied
  16. </IfModule>
  17. <IfModule !mod_authz_core.c>
  18. Order allow,deny
  19. Deny from all
  20. </IfModule>
  21. </files>
  22. <files readme.txt>
  23. <IfModule mod_authz_core.c>
  24. Require all denied
  25. </IfModule>
  26. <IfModule !mod_authz_core.c>
  27. Order allow,deny
  28. Deny from all
  29. </IfModule>
  30. </files>
  31. <files wp-config.php>
  32. <IfModule mod_authz_core.c>
  33. Require all denied
  34. </IfModule>
  35. <IfModule !mod_authz_core.c>
  36. Order allow,deny
  37. Deny from all
  38. </IfModule>
  39. </files>
  40.  
  41. # Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing
  42. Options -Indexes
  43.  
  44. <IfModule mod_rewrite.c>
  45. RewriteEngine On
  46.  
  47. # Protect System Files - Security > Settings > System Tweaks > System Files
  48. RewriteRule ^wp-admin/install\.php$ - [F]
  49. RewriteRule ^wp-admin/includes/ - [F]
  50. RewriteRule !^wp-includes/ - [S=3]
  51. RewriteRule ^wp-includes/[^/]+\.php$ - [F]
  52. RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
  53. RewriteRule ^wp-includes/theme-compat/ - [F]
  54. RewriteCond %{REQUEST_FILENAME} -f
  55. RewriteRule (^|.*/)\.(git|svn)/.* - [F]
  56.  
  57. # Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads
  58. RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
  59.  
  60. # Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins
  61. RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
  62.  
  63. # Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes
  64. RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
  65. </IfModule>
  66. # END iThemes Security - Do not modify or remove this line
  67.  
  68. # BEGIN WpFastestCache
  69. # Modified Time: 05-03-23 4:03:53
  70. <IfModule mod_rewrite.c>
  71. RewriteEngine On
  72. RewriteBase /
  73. RewriteCond %{HTTPS} =on
  74. RewriteCond %{HTTP_HOST} ^ngopartners.org
  75. # Start WPFC Exclude
  76. # End WPFC Exclude
  77. # Start_WPFC_Exclude_Admin_Cookie
  78. RewriteCond %{HTTP:Cookie} !wordpress_logged_in_[^\=]+\=adminngo
  79. # End_WPFC_Exclude_Admin_Cookie
  80. RewriteCond %{HTTP_HOST} ^ngopartners.org
  81. RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WP_FASTEST_CACHE_CSS_VALIDATOR|Twitterbot|LinkedInBot|WhatsApp|Mediatoolkitbot)
  82. RewriteCond %{HTTP_USER_AGENT} !(WP\sFastest\sCache\sPreload(\siPhone\sMobile)?\s*Bot)
  83. RewriteCond %{REQUEST_METHOD} !POST
  84. RewriteCond %{REQUEST_URI} !(\/){2}$
  85. RewriteCond %{REQUEST_URI} \/$
  86. RewriteCond %{QUERY_STRING} !.+
  87. RewriteCond %{HTTP:Cookie} !wordpress_logged_in
  88. RewriteCond %{HTTP:Cookie} !comment_author_
  89. RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil
  90. RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
  91. RewriteCond %{HTTP_USER_AGENT} !^.*\bCrMo\b|CriOS|Android.*Chrome\/[.0-9]*\s(Mobile)?|\bDolfin\b|Opera.*Mini|Opera.*Mobi|Android.*Opera|Mobile.*OPR\/[0-9.]+|Coast\/[0-9.]+|Skyfire|Mobile\sSafari\/[.0-9]*\sEdge|IEMobile|MSIEMobile|fennec|firefox.*maemo|(Mobile|Tablet).*Firefox|Firefox.*Mobile|FxiOS|bolt|teashark|Blazer|Version.*Mobile.*Safari|Safari.*Mobile|MobileSafari|Tizen|UC.*Browser|UCWEB|baiduboxapp|baidubrowser|DiigoBrowser|Puffin|\bMercury\b|Obigo|NF-Browser|NokiaBrowser|OviBrowser|OneBrowser|TwonkyBeamBrowser|SEMC.*Browser|FlyFlow|Minimo|NetFront|Novarra-Vision|MQQBrowser|MicroMessenger|Android.*PaleMoon|Mobile.*PaleMoon|Android|blackberry|\bBB10\b|rim\stablet\sos|PalmOS|avantgo|blazer|elaine|hiptop|palm|plucker|xiino|Symbian|SymbOS|Series60|Series40|SYB-[0-9]+|\bS60\b|Windows\sCE.*(PPC|Smartphone|Mobile|[0-9]{3}x[0-9]{3})|Window\sMobile|Windows\sPhone\s[0-9.]+|WCE;|Windows\sPhone\s10.0|Windows\sPhone\s8.1|Windows\sPhone\s8.0|Windows\sPhone\sOS|XBLWP7|ZuneWP7|Windows\sNT\s6\.[23]\;\sARM\;|\biPhone.*Mobile|\biPod|\biPad|Apple-iPhone7C2|MeeGo|Maemo|J2ME\/|\bMIDP\b|\bCLDC\b|webOS|hpwOS|\bBada\b|BREW.*$ [NC]
  92. RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/all/$1/index.html -f [or]
  93. RewriteCond /home1/astmskmy/public_html/ngopartners/wp-content/cache/all/$1/index.html -f
  94. RewriteRule ^(.*) "/wp-content/cache/all/$1/index.html" [L]
  95. </IfModule>
  96. <FilesMatch "index\.(html|htm)$">
  97. AddDefaultCharset UTF-8
  98. <ifModule mod_headers.c>
  99. FileETag None
  100. Header unset ETag
  101. Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
  102. Header set Pragma "no-cache"
  103. Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT"
  104. </ifModule>
  105. </FilesMatch>
  106. # END WpFastestCache
  107. # BEGIN GzipWpFastestCache
  108. <IfModule mod_deflate.c>
  109. AddType x-font/woff .woff
  110. AddType x-font/ttf .ttf
  111. AddOutputFilterByType DEFLATE image/svg+xml
  112. AddOutputFilterByType DEFLATE text/plain
  113. AddOutputFilterByType DEFLATE text/html
  114. AddOutputFilterByType DEFLATE text/xml
  115. AddOutputFilterByType DEFLATE text/css
  116. AddOutputFilterByType DEFLATE text/javascript
  117. AddOutputFilterByType DEFLATE application/xml
  118. AddOutputFilterByType DEFLATE application/xhtml+xml
  119. AddOutputFilterByType DEFLATE application/rss+xml
  120. AddOutputFilterByType DEFLATE application/javascript
  121. AddOutputFilterByType DEFLATE application/x-javascript
  122. AddOutputFilterByType DEFLATE application/x-font-ttf
  123. AddOutputFilterByType DEFLATE x-font/ttf
  124. AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  125. AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf
  126. </IfModule>
  127. # END GzipWpFastestCache
  128. # BEGIN LBCWpFastestCache
  129. <FilesMatch "\.(webm|ogg|mp4|ico|pdf|flv|avif|jpg|jpeg|png|gif|webp|js|css|swf|x-html|css|xml|js|woff|woff2|otf|ttf|svg|eot)(\.gz)?$">
  130. <IfModule mod_expires.c>
  131. AddType application/font-woff2 .woff2
  132. AddType application/x-font-opentype .otf
  133. ExpiresActive On
  134. ExpiresDefault A0
  135. ExpiresByType video/webm A10368000
  136. ExpiresByType video/ogg A10368000
  137. ExpiresByType video/mp4 A10368000
  138. ExpiresByType image/avif A10368000
  139. ExpiresByType image/webp A10368000
  140. ExpiresByType image/gif A10368000
  141. ExpiresByType image/png A10368000
  142. ExpiresByType image/jpg A10368000
  143. ExpiresByType image/jpeg A10368000
  144. ExpiresByType image/ico A10368000
  145. ExpiresByType image/svg+xml A10368000
  146. ExpiresByType text/css A10368000
  147. ExpiresByType text/javascript A10368000
  148. ExpiresByType application/javascript A10368000
  149. ExpiresByType application/x-javascript A10368000
  150. ExpiresByType application/font-woff2 A10368000
  151. ExpiresByType application/x-font-opentype A10368000
  152. ExpiresByType application/x-font-truetype A10368000
  153. </IfModule>
  154. <IfModule mod_headers.c>
  155. Header set Expires "max-age=A10368000, public"
  156. Header unset ETag
  157. Header set Connection keep-alive
  158. FileETag None
  159. </IfModule>
  160. </FilesMatch>
  161. # END LBCWpFastestCache
  162.  
  163. # BEGIN WordPress
  164. # The directives (lines) between "BEGIN WordPress" and "END WordPress" are
  165. # dynamically generated, and should only be modified via WordPress filters.
  166. # Any changes to the directives between these markers will be overwritten.
  167. <IfModule mod_rewrite.c>
  168. RewriteEngine On
  169. RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  170. RewriteBase /
  171. RewriteRule ^index\.php$ - [L]
  172. RewriteCond %{REQUEST_FILENAME} !-f
  173. RewriteCond %{REQUEST_FILENAME} !-d
  174. RewriteRule . /index.php [L]
  175. </IfModule>
  176.  
  177. # END WordPress
  178.  
  179. # php -- BEGIN cPanel-generated handler, do not edit
  180. # Set the “ea-php80” package as the default “PHP” programming language.
  181. <IfModule mime_module>
  182. AddHandler application/x-httpd-ea-php80 .php .php8 .phtml
  183. </IfModule>
  184. # php -- END cPanel-generated handler, do not edit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!