Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # BEGIN iThemes Security
- # BEGIN Ban Users
- # Begin HackRepair.com Blacklist
- RewriteEngine on
- RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^binlar [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^casper [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^cmsworldmap [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^comodo [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^diavol [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^dotbot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^feedfinder [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^flicky [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^jakarta [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^kmccrew [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^nutch [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^planetwork [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^purebot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^pycurl [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^skygrid [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^sucker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^turnit [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^vikspider [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^zmeu [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^CazoodleBot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^discobot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ecxi [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^GT::WWW [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^heritrix [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^HTTP::Lite [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^HTTrack [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^id-search [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^id-search\.org [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^IDBot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Indy\ Library [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^IRLbot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^LinksManager.com_bot [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^linkwalker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^MFC_Tear_Sample [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Microsoft\ URL\ Control [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Missigua\ Locator [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^panscient.com [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^PECL::HTTP [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^PHPCrawl [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^PleaseCrawl [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^SBIder [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Snoopy [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Steeler [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^URI::Fetch [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^urllib [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^User-Agent [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^webalta [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WebCollage [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^Wells\ Search\ II [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^WEP\ Search [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^zermelo [NC,OR]
- RewriteCond %{HTTP_USER_AGENT} ^ZyBorg [NC]
- RewriteRule ^.* - [F]
- # END Ban Users
- # BEGIN Hide Backend
- # Rules to hide the dashboard
- RewriteRule ^/wplogin/?$ /wp-login.php [QSA,L]
- # END Hide Backend
- # BEGIN Tweaks
- # Rules to block access to WordPress specific files
- <files .htaccess>
- Order allow,deny
- Deny from all
- </files>
- <files readme.html>
- Order allow,deny
- Deny from all
- </files>
- <files readme.txt>
- Order allow,deny
- Deny from all
- </files>
- <files install.php>
- Order allow,deny
- Deny from all
- </files>
- <files wp-config.php>
- Order allow,deny
- Deny from all
- </files>
- # Rules to disable directory browsing
- Options -Indexes
- <IfModule mod_rewrite.c>
- RewriteEngine On
- # Rules to protect wp-includes
- RewriteRule ^wp-admin/includes/ - [F]
- RewriteRule !^wp-includes/ - [S=3]
- RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
- RewriteRule ^wp-includes/[^/]+\.php$ - [F]
- RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
- RewriteRule ^wp-includes/theme-compat/ - [F]
- # Rules to prevent php execution in uploads
- RewriteRule ^(.*)/uploads/(.*).php(.?) - [F]
- # Rules to block unneeded HTTP methods
- RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
- RewriteRule ^(.*)$ - [F]
- # Rules to block suspicious URIs
- RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
- RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
- RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
- RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
- RewriteCond %{QUERY_STRING} http\: [NC,OR]
- RewriteCond %{QUERY_STRING} https\: [NC,OR]
- RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
- RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
- RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*(127\.0).* [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
- RewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC]
- RewriteCond %{QUERY_STRING} !^loggedout=true
- RewriteCond %{QUERY_STRING} !^action=rp
- RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
- RewriteCond %{HTTP_REFERER} !^http://maps\.googleapis\.com(.*)$
- RewriteRule ^(.*)$ - [F]
- # Rules to block foreign characters in URLs
- RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F).* [NC]
- RewriteRule ^(.*)$ - [F]
- # Rules to help reduce spam
- RewriteCond %{REQUEST_METHOD} POST
- RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
- RewriteCond %{HTTP_REFERER} !^(.*)net.au.*
- RewriteCond %{HTTP_REFERER} !^http://jetpack\.wordpress\.com/jetpack-comment/ [OR]
- RewriteCond %{HTTP_USER_AGENT} ^$
- RewriteRule ^(.*)$ - [F]
- </IfModule>
- # END Tweaks
- # END iThemes Security
- RewriteEngine On
- RewriteBase /
- RewriteRule ^index\.php$ - [L]
- # add a trailing slash to /wp-admin
- RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
- # uploaded files
- RewriteRule ^files/(.+) wp-includes/ms-files.php?file=$1 [L]
- RewriteCond %{REQUEST_FILENAME} -f [OR]
- RewriteCond %{REQUEST_FILENAME} -d
- RewriteRule ^ - [L]
- RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
- RewriteRule ^(.*\.php)$ wp/$1 [L]
- RewriteRule . index.php [L]
Add Comment
Please, Sign In to add comment