Skip to content

Instantly share code, notes, and snippets.

@Nodws Nodws/.htaccess
Last active Mar 31, 2020

Embed
What would you like to do?
Htaccess snips
Header set Access-Control-Allow-Origin "*"
<FilesMatch "^(wp-config|wp-settings|wp-trackback|wp-comments-post|xmlrpc)\.php$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorDocument 410 "Frankly, my dear, I don't give a damn.
#410 Gone with the wind.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(GET|HEAD|POST|PUT)$
RewriteCond %{HTTP_REFERER} !^http://(.*)?yourserver\.com [NC]
RewriteCond %{REQUEST_URI} ^/(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^/(.*)?wp-admin(.*)$
RewriteRule ^(.*)$ - [R=410,L]
</IfModule>
//////////////
ONLY allow access from yourserver.com, saving CPU, and server processing.
Create a Secret directory and INDEX file and have it redirect to /wp-admin
<script>
top.location='/wp-admin/'
</script>
SetEnvIf Request_URI "^/\.well-known/" acme
Allow from env=acme
Satisfy any
AuthType Basic
AuthName "index"
AuthUserFile /home/PATH/.htpasswd
Require valid-user
ErrorDocument 401 "No auth
Options -MultiViews
<IfModule mod_rewrite.c>
RewriteEngine On
#with www
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#OR
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#OR
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
#OR
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.