Htaccess File

px9/MariaQueenMaria3/master/fashionblog/.htaccess

HTTP_COOKIE, HTTP_REFERER, HTTP_USER_AGENT, POST, QUERY_STRING, REQUEST_FILENAME, REQUEST_METHOD, REQUEST_URI, SCRIPT_FILENAME
# BEGIN iThemes Security
  # BEGIN Hide Backend
      # Rules to hide the dashboard
      RewriteRule ^/fashionblog/mqmvh/?$ /fashionblog/wp-login.php [QSA,L]
    
  # END Hide Backend
  # BEGIN Tweaks
    # Rules to block access to WordPress specific files
    <files .htaccess>
      Order allow,deny
      Deny from all
    </files>
    <files readme.html>
      Order allow,deny
      Deny from all
    </files>
    <files readme.txt>
      Order allow,deny
      Deny from all
    </files>
    <files install.php>
      Order allow,deny
      Deny from all
    </files>
    <files wp-config.php>
      Order allow,deny
      Deny from all
    </files>
    
    # Rules to disable XML-RPC
    <files xmlrpc.php>
      Order allow,deny
      Deny from all
    </files>
    
    # Rules to disable directory browsing
    Options -Indexes
    
    <IfModule mod_rewrite.c>
      RewriteEngine On
    
      # Rules to protect wp-includes
      RewriteRule ^wp-admin/includes/ - [F]
      RewriteRule !^wp-includes/ - [S=3]
      RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
      RewriteRule ^wp-includes/[^/]+.php$ - [F]
      RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F]
      RewriteRule ^wp-includes/theme-compat/ - [F]
    
      # Rules to prevent php execution in uploads
      RewriteRule ^(.*)/uploads/(.*).php(.?) - [F]
    
      # Rules to block unneeded HTTP methods
      RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
      RewriteRule ^(.*)$ - [F]
    
      # Rules to block suspicious URIs
      RewriteCond %{QUERY_STRING} ../ [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
      RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
      RewriteCond %{QUERY_STRING} boot.ini [NC,OR]
      RewriteCond %{QUERY_STRING} ftp:  [NC,OR]
      RewriteCond %{QUERY_STRING} http:  [NC,OR]
      RewriteCond %{QUERY_STRING} https:  [NC,OR]
      RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
      RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
      RewriteCond %{QUERY_STRING} base64_encode.*(.*) [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*([|]|(|)|<|>|ê|"|;|?|*|=$).* [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*(127.0).* [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
      RewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC]
      RewriteCond %{QUERY_STRING} !^loggedout=true
      RewriteCond %{QUERY_STRING} !^action=jetpack-sso
      RewriteCond %{QUERY_STRING} !^action=rp
      RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
      RewriteCond %{HTTP_REFERER} !^http://maps.googleapis.com(.*)$
      RewriteRule ^(.*)$ - [F]
    
      # Rules to help reduce spam
      RewriteCond %{REQUEST_METHOD} POST
      RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post.php*
      RewriteCond %{HTTP_REFERER} !^(.*)mariaqueenmaria.com.* 
      RewriteCond %{HTTP_REFERER} !^http://jetpack.wordpress.com/jetpack-comment/ [OR]
      RewriteCond %{HTTP_USER_AGENT} ^$
      RewriteRule ^(.*)$ - [F]
    </IfModule>
  # END Tweaks
# END iThemes Security
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /fashionblog/
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /fashionblog/index.php [L]
</IfModule>
# END WordPress
Exit mobile version