helsingborg-stad/dunkerskulturhus.se/master/.htaccess
#Redirect to admin
RedirectMatch 301 /admin/(.*) /wp/wp-admin/$1
# WordPress standard
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# Protect wp-config.php
<Files wp-config.php>
Order Deny,Allow
Deny from all
</Files>
# Prevent spam form submit
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login).php*
RewriteCond %{HTTP_REFERER} !.*dunkerskulturhus.se.*
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$1 [R=301,L]
</ifModule>
# Prevent access to XML RPC & Pingback
<FilesMatch "^(xmlrpc.php|wp-trackback.php)">
Order Deny,Allow
Deny from all
</FilesMatch>
# Remove author pages
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} ^author=([0-9]){1,}$ [NC]
RewriteRule ^(.*)$ $1?author=999999 [L]
</ifModule>
# Remove spam refereals
<IfModule mod_rewrite.c>
RewriteCond %{HTTP_REFERER} ^.*(ranksonic.|semalt.|kambasoft.|buttons-for-website.|buttons-for-your-website.com|4webmasters.org|social-buttons.com|best-seo-offer.com|best-seo-solution.com).*$ [NC]
RewriteRule ^(.*)$ - [F]
</ifModule>
# Prevent drive-by-download attacks
<IfModule mod_headers.c>
Header set X-Content-Type-Options nosniff
</IfModule>
# Prevent clickjacking attempts
<IfModule mod_headers.c>
Header always append X-Frame-Options SAMEORIGIN
</IfModule>
On Github License
Files
Download PDF of Htaccess file