Ninja Press NinjaPress

## .htaccess
#Block Against User-Agents and Bots
<IfModule mod_setenvif.c>
 SetEnvIfNoCase User-Agent ^$ keep_out
 SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot)   keep_out
 SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
 SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid)   keep_out
 SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|turnit)   keep_out
 SetEnvIfNoCase User-Agent (zmeu|nutch|vikspider|binlar|sucker) keep_out
 <Limit GET POST PUT>
  Order Allow,Deny

## .htaccess
# Disable hotlinking of images with forbidden message
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?seu-dominio.com.br/.*$ [NC]
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
RewriteCond %{HTTP_REFERER} !googleusercontent\. [NC]
RewriteCond %{HTTP_REFERER} !bing\. [NC]

## .htaccess
# Disable hotlinking of images with forbidden message
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?seu-dominio.com.br/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png|mp3|flv|swf|zip|rar|mpeg|mpg|wma|wmv|pdf|xls|doc|xlsx|docx|ppt|pptx|txt|rtf)$ - [F]
</IfModule>

## .htaccess
# Protect from spam comments
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*seu-dominio.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

## .htaccess
#protect .htaccess
<Files ~ “^.*\.([Hh][Tt][Aa])”>
order allow,deny
deny from all
satisfy all
</Files>

## .htaccess
# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>

## .htaccess
AuthType Basic
AuthName "Area Administrativa"
AuthUserFile /var/www/vhosts/seudominio.com.br/httpdocs/wp-admin/.htpasswd
Require valid-user

## wp-config.php
define('FORCE_SSL_ADMIN', true);

## functions.php
function string_getInsertedString($long_string,$short_string,$is_html=false){
  if($short_string>=strlen($long_string))return false;
  $insertion_length=strlen($long_string)-strlen($short_string);
  for($i=0;$i<strlen($short_string);++$i){
    if($long_string[$i]!=$short_string[$i])break;
  }
  $inserted_string=substr($long_string,$i,$insertion_length);
  if($is_html && $inserted_string[$insertion_length-1]=='<'){
    $inserted_string='<'.substr($inserted_string,0,$insertion_length-1);
  }
	#Block Against User-Agents and Bots
	<IfModule mod_setenvif.c>
	SetEnvIfNoCase User-Agent ^$ keep_out
	SetEnvIfNoCase User-Agent (casper\|cmsworldmap\|diavol\|dotbot) keep_out
	SetEnvIfNoCase User-Agent (flicky\|ia_archiver\|jakarta\|kmccrew) keep_out
	SetEnvIfNoCase User-Agent (libwww\|planetwork\|pycurl\|skygrid) keep_out
	SetEnvIfNoCase User-Agent (purebot\|comodo\|feedfinder\|turnit) keep_out
	SetEnvIfNoCase User-Agent (zmeu\|nutch\|vikspider\|binlar\|sucker) keep_out
	<Limit GET POST PUT>
	Order Allow,Deny
	# Disable hotlinking of images with forbidden message
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTP_REFERER} !^$
	RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?seu-dominio.com.br/.*$ [NC]
	RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
	RewriteCond %{HTTP_REFERER} !google\. [NC]
	RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
	RewriteCond %{HTTP_REFERER} !googleusercontent\. [NC]
	RewriteCond %{HTTP_REFERER} !bing\. [NC]
	# Protect from spam comments
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{REQUEST_METHOD} POST
	RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
	RewriteCond %{HTTP_REFERER} !.seu-dominio.com. [OR]
	RewriteCond %{HTTP_USER_AGENT} ^$
	RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
	</IfModule>
	#protect .htaccess
	<Files ~ “^.*\.([Hh][Tt][Aa])”>
	order allow,deny
	deny from all
	satisfy all
	</Files>
	# protect wpconfig.php
	<files wp-config.php>
	order allow,deny
	deny from all
	</files>
	AuthType Basic
	AuthName "Area Administrativa"
	AuthUserFile /var/www/vhosts/seudominio.com.br/httpdocs/wp-admin/.htpasswd
	Require valid-user
	function string_getInsertedString($long_string,$short_string,$is_html=false){
	if($short_string>=strlen($long_string))return false;
	$insertion_length=strlen($long_string)-strlen($short_string);
	for($i=0;$i<strlen($short_string);++$i){
	if($long_string[$i]!=$short_string[$i])break;
	}
	$inserted_string=substr($long_string,$i,$insertion_length);
	if($is_html && $inserted_string[$insertion_length-1]=='<'){
	$inserted_string='<'.substr($inserted_string,0,$insertion_length-1);
	}