# Block access to directories without a default document
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
# NO readme-s (site-wide) http://perldoc.perl.org/perlre.html#Extended-Patterns
<FilesMatch "^.*(?i)readme.txt$">
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
Satisfy All
</IfModule>
# Apache ≥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</FilesMatch>
RewriteEngine On
# Block direct access to plugins and themes (no dollar sign)
# WARNING!!!
# Exclude custom entry points created by poorly written plugins and themes
#RewriteCond "%{REQUEST_URI}" "!=/static/plugins/entry-point.php"
RewriteRule "/(mu-plugins|plugins|themes)/.*.php" - [F]
# Core
# BEGIN WordPress
RewriteRule "^/index.php$" - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule "^" "/index.php" [L]
# END WordPress
