krohn/krohn_wp_plugins/master/.htaccess - Htaccess File

krohn/krohn_wp_plugins/master/.htaccess

# eine kleine erweiterung der wordpress eigenen htaccess
# nicht multi-site-kompatibel - dafür muss der block "# BEGIN WordPress" abgepasst werden
# v1.0.0

# Basics
Options +FollowSymlinks -Indexes
FileETag none
Header set Connection keep-alive
AddType x-font/woff .woff

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /

  # 403 Block bad requests
  RewriteRule ^admin/ - [F,L]
  RewriteRule ^admin.php - [F,L]
  RewriteRule ^administrator?/ - [F,L]
  RewriteRule main.jsp - [F,L]
  RewriteRule main.aspx - [F,L]
  RewriteRule main.html - [F,L]
  RewriteRule main.php - [F,L]
  RewriteRule main.asp - [F,L]
  RewriteRule main.htm - [F,L]
  RewriteRule contact.asp - [F,L]
  RewriteRule contact.aspx - [F,L]
  RewriteRule contact.htm - [F,L]
  RewriteRule contact.html - [F,L]
  RewriteRule contact.php - [F,L]
  RewriteRule timthumb.php - [F,L]
  RewriteRule GetFoldersAndFiles - [F,L]
  RewriteRule fckeditor - [F,L]
  RewriteRule FCKeditor - [F,L]
  RewriteRule filemanager - [F,L]
  RewriteRule open-flash-charts - [F,L]
  RewriteRule ofc_upload_image.php - [F,L]
  RewriteRule hatz.php - [F,L]
  RewriteRule uploadify.php - [F,L]
  RewriteRule info.php - [F,L]
  RewriteRule register - [F,L]
  RewriteRule .htaccess - [F,L]
  RewriteRule .htpasswd - [F,L]
  RewriteRule ._error.log - [F,L]
  RewriteRule wp-config.php - [F,L]
  RewriteRule liesmich.html - [F,L]
  RewriteRule readme.html - [F,L]
  RewriteRule license.txt - [F,L]
  RewriteRule error.log - [F,L]
  RewriteRule readme.txt - [F,L]
  RewriteRule readme.md - [F,L]
</IfModule>

<IfModule mod_rewrite.c>
  # reenable to export blog
  RewriteEngine On
  RewriteCond %{QUERY_STRING} author=(.*)
  RewriteRule ^(.*) - [F]
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{QUERY_STRING} twitterpage(.*)
  RewriteRule ^(.*) - [G]
</IfModule>

# block some crawlers
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_USER_AGENT} ^.*(crawler4j|HTTrack|Yandex|Baidu|MegaIndex|libwww|AdvBot|RU_Bot).*$ [NC]
  RewriteRule .* - [F,L]
</IfModule>

# block WPscan crawlers
#<IfModule mod_rewrite.c>
#  RewriteEngine On
#  RewriteCond %{HTTP_USER_AGENT} ^.*(WPScan).*$ [NC]
#  RewriteRule .* - [F,L]
#</IfModule>

# Block comments via Crossposting
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /
  RewriteCond %{REQUEST_METHOD} POST
  RewriteCond %{REQUEST_URI} .wp-comments-post.php*
  RewriteCond %{HTTP_REFERER} !.*${SERVER_NAME}.* [OR]
  RewriteCond %{HTTP_USER_AGENT} ^$
  RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

# Block the include-only files.
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /
  RewriteRule ^wp-admin/includes/ - [F,L]
  RewriteRule !^wp-includes/ - [S=3]
  RewriteRule ^wp-includes/[^/]+.php$ - [F,L]
  RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L]
  RewriteRule ^wp-includes/theme-compat/ - [F,L]
  RewriteRule ^wp-content/uploads/[^/]+.php$ - [F,L]
  RewriteRule ^(.+)/wp-login.php - [F,L]
</IfModule>

<IfModule mod_expires.c>
  ExpiresActive On 

  ExpiresDefault "access plus 1 month"
  ExpiresByType image/x-icon "access plus 1 year"
  ExpiresByType image/gif "access plus 1 month"
  ExpiresByType image/png "access plus 1 month"
  ExpiresByType image/jpg "access plus 1 month"
  ExpiresByType image/jpeg "access plus 1 month"
  ExpiresByType text/css "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 year"
  ExpiresByType x-font/woff "access plus 1 year"
  ExpiresByType video/webm "access plus 1 year"
</IfModule>

<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-font-woff
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE image/png
  AddOutputFilterByType DEFLATE image/jpeg
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml

  # Remove browser bugs (only needed for really old browsers)
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4.0[678] no-gzip
  BrowserMatch bMSIE !no-gzip !gzip-only-text/html
  Header append Vary User-Agent
</IfModule>

<FilesMatch ".(txt|log|xml|css|js|gz|md)$">
  Header set X-Robots-Tag "noindex"
</FilesMatch>

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

On Github License

Files

Download PDF of Htaccess file
DEFLATE, HTTP_REFERER, HTTP_USER_AGENT, no-gzip, POST, QUERY_STRING, REMOTE_ADDR, REQUEST_FILENAME, REQUEST_METHOD, REQUEST_URI, SERVER_NAME

Comments

Apache