Die optimale .htaccess-Datei für mehr Speed und Sicherheit
# ---------------------------------------------------------------------- | |
# | Komprimierung und Caching | | |
# ---------------------------------------------------------------------- | |
# Serve resources with far-future expires headers. | |
# | |
# (!) If you don't control versioning with filename-based | |
# cache busting, you should consider lowering the cache times | |
# to something like one week. | |
# | |
# https://httpd.apache.org/docs/current/mod/mod_expires.html | |
<IfModule mod_expires.c> | |
ExpiresActive on | |
ExpiresDefault "access plus 1 month" | |
# CSS | |
ExpiresByType text/css "access plus 1 year" | |
# Data interchange | |
ExpiresByType application/atom+xml "access plus 1 hour" | |
ExpiresByType application/rdf+xml "access plus 1 hour" | |
ExpiresByType application/rss+xml "access plus 1 hour" | |
ExpiresByType application/json "access plus 0 seconds" | |
ExpiresByType application/ld+json "access plus 0 seconds" | |
ExpiresByType application/schema+json "access plus 0 seconds" | |
ExpiresByType application/vnd.geo+json "access plus 0 seconds" | |
ExpiresByType application/xml "access plus 0 seconds" | |
ExpiresByType text/xml "access plus 0 seconds" | |
# Favicon (cannot be renamed!) and cursor images | |
ExpiresByType image/vnd.microsoft.icon "access plus 1 week" | |
ExpiresByType image/x-icon "access plus 1 week" | |
# HTML - Behält die Website eine Stunde im Cache, neues wird erst nach Ablauf einer Stunde | |
# angezeigt. Wenn nicht gewuenscht, bei 3600 eine Null eintragen | |
ExpiresByType text/html "access plus 3600 seconds" | |
# JavaScript | |
ExpiresByType application/javascript "access plus 1 year" | |
ExpiresByType application/x-javascript "access plus 1 year" | |
ExpiresByType text/javascript "access plus 1 year" | |
# Manifest files | |
ExpiresByType application/manifest+json "access plus 1 week" | |
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" | |
ExpiresByType text/cache-manifest "access plus 0 seconds" | |
# Media files | |
ExpiresByType audio/ogg "access plus 1 month" | |
ExpiresByType image/bmp "access plus 1 month" | |
ExpiresByType image/gif "access plus 1 month" | |
ExpiresByType image/jpeg "access plus 1 month" | |
ExpiresByType image/png "access plus 1 month" | |
ExpiresByType image/svg+xml "access plus 1 month" | |
ExpiresByType image/webp "access plus 1 month" | |
ExpiresByType video/mp4 "access plus 1 month" | |
ExpiresByType video/ogg "access plus 1 month" | |
ExpiresByType video/webm "access plus 1 month" | |
# Web fonts | |
# Embedded OpenType (EOT) | |
ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
ExpiresByType font/eot "access plus 1 month" | |
# OpenType | |
ExpiresByType font/opentype "access plus 1 month" | |
# TrueType | |
ExpiresByType application/x-font-ttf "access plus 1 month" | |
# Web Open Font Format (WOFF) 1.0 | |
ExpiresByType application/font-woff "access plus 1 month" | |
ExpiresByType application/x-font-woff "access plus 1 month" | |
ExpiresByType font/woff "access plus 1 month" | |
# Web Open Font Format (WOFF) 2.0 | |
ExpiresByType application/font-woff2 "access plus 1 month" | |
# Other | |
ExpiresByType text/x-cross-domain-policy "access plus 1 week" | |
</IfModule> | |
<IfModule mod_deflate.c> | |
# Insert filters / compress text, html, javascript, css, xml: | |
AddOutputFilterByType DEFLATE text/plain | |
AddOutputFilterByType DEFLATE text/html | |
AddOutputFilterByType DEFLATE text/xml | |
AddOutputFilterByType DEFLATE text/css | |
AddOutputFilterByType DEFLATE text/vtt | |
AddOutputFilterByType DEFLATE text/x-component | |
AddOutputFilterByType DEFLATE application/xml | |
AddOutputFilterByType DEFLATE application/xhtml+xml | |
AddOutputFilterByType DEFLATE application/rss+xml | |
AddOutputFilterByType DEFLATE application/js | |
AddOutputFilterByType DEFLATE application/javascript | |
AddOutputFilterByType DEFLATE application/x-javascript | |
AddOutputFilterByType DEFLATE application/x-httpd-php | |
AddOutputFilterByType DEFLATE application/x-httpd-fastphp | |
AddOutputFilterByType DEFLATE application/atom+xml | |
AddOutputFilterByType DEFLATE application/json | |
AddOutputFilterByType DEFLATE application/ld+json | |
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject | |
AddOutputFilterByType DEFLATE application/x-font-ttf | |
AddOutputFilterByType DEFLATE application/x-web-app-manifest+json | |
AddOutputFilterByType DEFLATE font/opentype | |
AddOutputFilterByType DEFLATE image/svg+xml | |
AddOutputFilterByType DEFLATE image/x-icon | |
# Exception: Images | |
SetEnvIfNoCase REQUEST_URI \.(?:gif|jpg|jpeg|png|svg)$ no-gzip dont-vary | |
# Drop problematic browsers | |
BrowserMatch ^Mozilla/4 gzip-only-text/html | |
BrowserMatch ^Mozilla/4\.0[678] no-gzip | |
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html | |
# Make sure proxies don't deliver the wrong content | |
Header append Vary User-Agent env=!dont-vary | |
</IfModule> | |
#Alternative caching using Apache's "mod_headers", if it's installed. | |
#Caching of common files - ENABLED | |
<IfModule mod_headers.c> | |
<FilesMatch "\.(ico|pdf|flv|swf|js|css|gif|png|jpg|jpeg|txt)$"> | |
Header set Cache-Control "max-age=2592000, public" | |
</FilesMatch> | |
</IfModule> | |
<IfModule mod_headers.c> | |
<FilesMatch "\.(js|css|xml|gz)$"> | |
Header append Vary Accept-Encoding | |
</FilesMatch> | |
</IfModule> | |
# Set Keep Alive Header | |
<IfModule mod_headers.c> | |
Header set Connection keep-alive | |
</IfModule> | |
# If your server don't support ETags deactivate with "None" (and remove header) | |
<IfModule mod_expires.c> | |
<IfModule mod_headers.c> | |
Header unset ETag | |
</IfModule> | |
FileETag None | |
</IfModule> | |
# ---------------------------------------------------------------------- | |
# | 7g Firewall für Sicherheit - HIER NICHTS AENDERN, ANSONSTEN IST DIE WEBSITE ANGREIFBAR | |
# ---------------------------------------------------------------------- | |
# 7G FIREWALL v1.2 20190727 | |
# @ https://perishablepress.com/7g-firewall/ | |
# 7G:[QUERY STRING] | |
<IfModule mod_rewrite.c> | |
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC] | |
RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR] | |
RewriteCond %{QUERY_STRING} (/|%2f)(:|%3a)(/|%2f) [NC,OR] | |
RewriteCond %{QUERY_STRING} (/|%2f)(\*|%2a)(\*|%2a)(/|%2f) [NC,OR] | |
RewriteCond %{QUERY_STRING} (~|`|<|>|\^|\|\\|0x00|%00|%0d%0a) [NC,OR] | |
RewriteCond %{QUERY_STRING} (cmd|command)(=|%3d)(chdir|mkdir)(.*)(x20) [NC,OR] | |
RewriteCond %{QUERY_STRING} (fck|ckfinder|fullclick|ckfinder|fckeditor) [NC,OR] | |
RewriteCond %{QUERY_STRING} (/|%2f)((wp-)?config)((\.|%2e)inc)?((\.|%2e)php) [NC,OR] | |
RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumbs?)?)((\.|%2e)php) [NC,OR] | |
RewriteCond %{QUERY_STRING} (absolute_|base|root_)(dir|path)(=|%3d)(ftp|https?) [NC,OR] | |
RewriteCond %{QUERY_STRING} (localhost|loopback|127(\.|%2e)0(\.|%2e)0(\.|%2e)1) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\.|20)(get|the)(_|%5f)(permalink|posts_page_url)(\(|%28) [NC,OR] | |
RewriteCond %{QUERY_STRING} (s)?(ftp|http|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR] | |
RewriteCond %{QUERY_STRING} (globals|mosconfig([a-z_]{1,22})|request)(=|\[|%[a-z0-9]{0,2}) [NC,OR] | |
RewriteCond %{QUERY_STRING} ((boot|win)((\.|%2e)ini)|etc(/|%2f)passwd|self(/|%2f)environ) [NC,OR] | |
RewriteCond %{QUERY_STRING} (((/|%2f){3,3})|((\.|%2e){3,3})|((\.|%2e){2,2})(/|%2f|%u2215)) [NC,OR] | |
RewriteCond %{QUERY_STRING} (benchmark|char|exec|fopen|function|html)(.*)(\(|%28)(.*)(\)|%29) [NC,OR] | |
RewriteCond %{QUERY_STRING} (php)([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) [NC,OR] | |
RewriteCond %{QUERY_STRING} (e|%65|%45)(v|%76|%56)(a|%61|%31)(l|%6c|%4c)(.*)(\(|%28)(.*)(\)|%29) [NC,OR] | |
RewriteCond %{QUERY_STRING} (/|%2f)(=|%3d|$&|_mm|cgi(\.|-)|inurl(:|%3a)(/|%2f)|(mod|path)(=|%3d)(\.|%2e)) [NC,OR] | |
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(e|%65|%45)(m|%6d|%4d)(b|%62|%42)(e|%65|%45)(d|%64|%44)(.*)(>|%3e) [NC,OR] | |
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(i|%69|%49)(f|%66|%46)(r|%72|%52)(a|%61|%41)(m|%6d|%4d)(e|%65|%45)(.*)(>|%3e) [NC,OR] | |
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(o|%4f|%6f)(b|%62|%42)(j|%4a|%6a)(e|%65|%45)(c|%63|%43)(t|%74|%54)(.*)(>|%3e) [NC,OR] | |
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(.*)(>|%3e) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(d|%64|%44)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(i|%69|%49)(n|%6e|%4e)(s|%73|%53)(e|%65|%45)(r|%72|%52)(t|%74|%54)(\+|%2b|%20) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(s|%73|%53)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(c|%63|%43)(t|%74|%54)(\+|%2b|%20) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(u|%75|%55)(p|%70|%50)(d|%64|%44)(a|%61|%41)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR] | |
RewriteCond %{QUERY_STRING} (\\x00|(\"|%22|\'|%27)?0(\"|%22|\'|%27)?(=|%3d)(\"|%22|\'|%27)?0|cast(\(|%28)0x|or%201(=|%3d)1) [NC,OR] | |
RewriteCond %{QUERY_STRING} (g|%67|%47)(l|%6c|%4c)(o|%6f|%4f)(b|%62|%42)(a|%61|%41)(l|%6c|%4c)(s|%73|%53)(=|[|%[0-9A-Z]{0,2}) [NC,OR] | |
RewriteCond %{QUERY_STRING} (_|%5f)(r|%72|%52)(e|%65|%45)(q|%71|%51)(u|%75|%55)(e|%65|%45)(s|%73|%53)(t|%74|%54)(=|[|%[0-9A-Z]{0,2}) [NC,OR] | |
RewriteCond %{QUERY_STRING} (j|%6a|%4a)(a|%61|%41)(v|%76|%56)(a|%61|%31)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(:|%3a)(.*)(;|%3b|\)|%29) [NC,OR] | |
RewriteCond %{QUERY_STRING} (b|%62|%42)(a|%61|%41)(s|%73|%53)(e|%65|%45)(6|%36)(4|%34)(_|%5f)(e|%65|%45|d|%64|%44)(e|%65|%45|n|%6e|%4e)(c|%63|%43)(o|%6f|%4f)(d|%64|%44)(e|%65|%45)(.*)(\()(.*)(\)) [NC,OR] | |
RewriteCond %{QUERY_STRING} (allow_url_(fopen|include)|auto_prepend_file|blexbot|browsersploit|(c99|php)shell|curltest|disable_functions?|document_root|elastix|encodeuricom|exec|exploit|fclose|fgets|fputs|fsbuff|fsockopen|gethostbyname|grablogin|hmei7|input_file|load_file|null|open_basedir|outfile|passthru|popen|proc_open|quickbrute|remoteview|root_path|safe_mode|shell_exec|site((.){0,2})copier|sux0r|trojan|wget|xertive) [NC,OR] | |
RewriteCond %{QUERY_STRING} (;|<|>|\'|\"|\)|%0a|%0d|%22|%27|%3c|%3e|%00)(.*)(/\*|alter|base64|benchmark|cast|char|concat|convert|create|encode|declare|delete|drop|insert|md5|order|request|script|select|set|union|update) [NC,OR] | |
RewriteCond %{QUERY_STRING} ((\+|%2b)(concat|delete|get|select|union)(\+|%2b)) [NC,OR] | |
RewriteCond %{QUERY_STRING} (union)(.*)(select)(.*)(\(|%28) [NC,OR] | |
RewriteCond %{QUERY_STRING} (concat)(.*)(\(|%28) [NC] | |
RewriteRule .* - [F,L] | |
# RewriteRule .* /7g_log.php?log [L,NE,E=7G_QUERY_STRING:%1___%2___%3] | |
</IfModule> | |
# 7G:[REQUEST METHOD] | |
<IfModule mod_rewrite.c> | |
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC] | |
RewriteCond %{REQUEST_METHOD} ^(connect|debug|delete|move|put|trace|track) [NC] | |
RewriteRule .* - [F,L] | |
# RewriteRule .* /7g_log.php?log [L,NE,E=7G_REQUEST_METHOD:%1] | |
</IfModule> | |
# 7G:[HTTP REFERRER] | |
<IfModule mod_rewrite.c> | |
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC] | |
RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC,OR] | |
RewriteCond %{HTTP_REFERER} (ambien|blue\spill|cialis|cocaine|ejaculat|erectile|erections|hoodia|huronriveracres|impotence|levitra|libido|lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby|ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo) [NC] | |
RewriteRule .* - [F,L] | |
# RewriteRule .* /7g_log.php?log [L,NE,E=7G_HTTP_REFERRER:%1] | |
</IfModule> | |
# 7G:[REQUEST URI] | |
<IfModule mod_rewrite.c> | |
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC] | |
RewriteCond %{REQUEST_URI} ([a-z0-9]{2000,}) [NC,OR] | |
RewriteCond %{REQUEST_URI} (=?\\(\'|%27)/?)(\.) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(\*|\"|\'|\.|,|&|&?)/?$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (\.)(php)(\()?([0-9]+)(\))?(/)?$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(vbulletin|boards|vbforum)(/)? [NC,OR] | |
RewriteCond %{REQUEST_URI} (\^|~|`|<|>|,|%|\\|\{|\}|\[|\]|\|) [NC,OR] | |
RewriteCond %{REQUEST_URI} (\.(s?ftp-?)config|(s?ftp-?)config\.) [NC,OR] | |
RewriteCond %{REQUEST_URI} (\{0\}|\"?0\"?=\"?0|\(/\(|\.\.\.|\+\+\+|\\\") [NC,OR] | |
RewriteCond %{REQUEST_URI} (thumbs?(_editor|open)?|tim(thumbs?)?)(\.php) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(fck|ckfinder|fullclick|ckfinder|fckeditor) [NC,OR] | |
RewriteCond %{REQUEST_URI} (\.|20)(get|the)(_)(permalink|posts_page_url)(\() [NC,OR] | |
RewriteCond %{REQUEST_URI} (///|\?\?|/&&|/\*(.*)\*/|/:/|\\\\|0x00|%00|%0d%0a) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/%7e)(root|ftp|bin|nobody|named|guest|logs|sshd)(/) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(etc|var)(/)(hidden|secret|shadow|ninja|passwd|tmp)(/)?$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (s)?(ftp|http|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(=|\$&?|&?(pws|rk)=0|_mm|_vti_|cgi(\.|-)?|(=|/|;|,)nt\.) [NC,OR] | |
RewriteCond %{REQUEST_URI} (\.)(conf(ig)?|ds_store|htaccess|htpasswd|init?|mysql-select-db)(/)?$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(bin)(/)(cc|chmod|chsh|cpp|echo|id|kill|mail|nasm|perl|ping|ps|python|tclsh)(/)?$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(::[0-9999]|%3a%3a[0-9999]|127\.0\.0\.1|localhost|loopback|makefile|pingserver|wwwroot)(/)? [NC,OR] | |
RewriteCond %{REQUEST_URI} (\(null\)|\{\$itemURL\}|cAsT\(0x|echo(.*)kae|etc/passwd|eval\(|self/environ|\+union\+all\+select) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(awstats|(c99|php|web)shell|document_root|error_log|listinfo|muieblack|remoteview|site((.){0,2})copier|sqlpatch|sux0r) [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)((php|web)?shell|conf(ig)?|crossdomain|fileditor|locus7|nstview|php(get|remoteview|writer)|r57|remview|sshphp|storm7|webadmin)(.*)(\.|\() [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(author-panel|bitrix|class|database|(db|mysql)-?admin|filemanager|htdocs|httpdocs|https?|mailman|mailto|msoffice|mysql|_?php-?my-?admin(.*)|sql|system|tmp|undefined|usage|var|vhosts|webmaster|www)(/) [NC,OR] | |
RewriteCond %{REQUEST_URI} (base64_(en|de)code|benchmark|child_terminate|e?chr|eval|exec|function|fwrite|(f|p)open|html|leak|passthru|p?fsockopen|phpinfo|posix_(kill|mkfifo|setpgid|setsid|setuid)|proc_(close|get_status|nice|open|terminate)|(shell_)?exec|system)(.*)(\()(.*)(\)) [NC,OR] | |
RewriteCond %{REQUEST_URI} (\.)(7z|ab4|afm|aspx?|bash|ba?k?|bz2|cfg|cfml?|cgi|conf(ig)?|ctl|dat|db|dll|eml|et2|exe|fec|fla|hg|inc|ini|inv|jsp|log|lqd|mbf|mdb|mmw|mny|old|one|out|passwd|pdb|pl|psd|pst|ptdb|pwd|py|qbb|qdf|rar|rdf|sdb|sql|sh|soa|swf|swl|swp|stx|tar|tax|tgz|tls|tmd|wow|zlib)$ [NC,OR] | |
RewriteCond %{REQUEST_URI} (/)(^$|00.temp00|0day|3xp|70bex?|admin_events|bkht|(php|web)?shell|configbak|curltest|db|dompdf|filenetworks|hmei7|index\.php/index\.php/index|jahat|kcrew|keywordspy|mobiquo|mysql|nessus|php-?info|racrew|sql|ucp|webconfig|(wp-)?conf(ig)?(uration)?|xertive)(\.php) [NC] | |
RewriteRule .* - [F,L] | |
# RewriteRule .* /7g_log.php?log [L,NE,E=7G_REQUEST_URI:%1___%2___%3] | |
</IfModule> | |
# 7G:[USER AGENT] | |
<IfModule mod_rewrite.c> | |
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC] | |
RewriteCond %{HTTP_USER_AGENT} ([a-z0-9]{2000,}) [NC,OR] | |
RewriteCond %{HTTP_USER_AGENT} (<|%0a|%0d|%27|%3c|%3e|%00|0x00) [NC,OR] | |
RewriteCond %{HTTP_USER_AGENT} ((c99|php|web)shell|remoteview|site((.){0,2})copier) [NC,OR] | |
RewriteCond %{HTTP_USER_AGENT} (base64_decode|bin/bash|disconnect|eval|lwp-download|unserialize|\\\x22) [NC,OR] | |
RewriteCond %{HTTP_USER_AGENT} (360Spider|acapbot|acoonbot|ahrefs|alexibot|asterias|attackbot|backdorbot|becomebot|binlar|blackwidow|blekkobot|blexbot|blowfish|bullseye|bunnys|butterfly|careerbot|casper|checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|cy_cho|datacha|demon|diavol|discobot|dittospyder|dotbot|dotnetdotcom|dumbot|emailcollector|emailsiphon|emailwolf|exabot|extract|eyenetie|feedfinder|flaming|flashget|flicky|foobot|g00g1e|getright|gigabot|go-ahead-got|gozilla|grabnet|grafula|harvest|heritrix|httrack|icarus6j|jetbot|jetcar|jikespider|kmccrew|leechftp|libweb|linkextractor|linkscan|linkwalker|loader|miner|majestic|mechanize|mj12bot|morfeus|moveoverbot|netmechanic|netspider|nicerspro|nikto|ninja|nutch|octopus|pagegrabber|planetwork|postrank|proximic|purebot|pycurl|python|queryn|queryseeker|radian6|radiation|realdownload|rogerbot|scooter|seekerspider|semalt|seznambot|siclab|sindice|sistrix|sitebot|siteexplorer|sitesnagger|skygrid|smartdownload|snoopy|sosospider|spankbot|spbot|sqlmap|stackrambler|stripper|sucker|surftbot|sux0r|suzukacz|suzuran|takeout|teleport|telesoft|true_robots|turingos|turnit|vampire|vikspider|voideye|webleacher|webreaper|webstripper|webvac|webviewer|webwhacker|winhttp|wwwoffle|woxbot|xaldon|xxxyy|yamanalab|yioopbot|youda|zeus|zmeu|zune|zyborg) [NC] | |
RewriteRule .* - [F,L] | |
# RewriteRule .* /7g_log.php?log [L,NE,E=7G_USER_AGENT:%1] | |
</IfModule> | |
# ---------------------------------------------------------------------- | |
# | Zeichensatz setzen | |
# ---------------------------------------------------------------------- | |
AddDefaultCharset UTF-8 | |
# ---------------------------------------------------------------------- | |
# Wichtige WordPress-Dateien gegen den Zugriff von außen blocken | |
# ---------------------------------------------------------------------- | |
# Kein Zugriff auf die install.php | |
<files install.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
# Kein Zugriff auf die wp-config.php | |
<files wp-config.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
# Kein Zugriff auf die readme.html | |
<files readme.html> | |
Order Allow,Deny | |
Deny from all | |
Satisfy all | |
</Files> | |
# Kein Zugriff auf die liesmich.html für die DE Edition | |
<Files liesmich.html> | |
Order Allow,Deny | |
Deny from all | |
Satisfy all | |
</Files> | |
# Kein Zugriff auf das Error-Log | |
<files error_log> | |
Order allow,deny | |
Deny from all | |
</files> | |
#Zugriff auf .htaccess und .htpasswd verbieten. Wenn keine .htpasswd benutzt wird, kann der Code dafür entfernt werden. | |
<FilesMatch "(\.htaccess|\.htpasswd)"> | |
Order deny,allow | |
Deny from all | |
</FilesMatch> | |
# Den Zugriff auf den Include-Ordner verbieten | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase / | |
RewriteRule ^wp-admin/includes/ - [F,L] | |
RewriteRule !^wp-includes/ - [S=3] | |
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] | |
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] | |
RewriteRule ^wp-includes/theme-compat/ - [F,L] | |
</IfModule> | |
# ---------------------------------------------------------------------- | |
# Schutz des Administrator-Bereichs. Wenn der .htaccess/.htpasswd Schutz | |
# genutzt werden soll, auskommentieren UND PFAD ANPASSEN | |
# ---------------------------------------------------------------------- | |
#<Files wp-login.php> | |
#AuthName "Admin-Bereich" | |
#AuthType Basic | |
#AuthUserFile dein/pfad/zur/.htpasswd | |
#require valid-user | |
#</Files> | |
#Full Path Disclosure abschalten - unterdrueckt die Anzeige des vollstaendigen Fehlerpfads | |
php_flag display_errors Off | |
# ---------------------------------------------------------------------- | |
# Hotlinking verbieten (verhindert, dass andere Deine Bilder von Deinem Server nutzen | |
# WICHTIG: Auskommentieren und deine Domain einfuegen | |
# ---------------------------------------------------------------------- | |
#<IfModule mod_rewrite.c> | |
#RewriteEngine on | |
#RewriteCond %{HTTP_REFERER} !^$ | |
#RewriteCond %{HTTP_REFERER} !^https://(www\.)?drweb\.de(/.*)?$ [NC] | |
#RewriteRule \.(jpg|jpeg|gif||png)$ - [F] | |
#</ifModule> | |
# ---------------------------------------------------------------------- | |
# Das Sicherheitsrisiko XML-RPC Schnittstelle komplett abschalten | |
# ---------------------------------------------------------------------- | |
<Files xmlrpc.php> | |
Order Deny,Allow | |
Deny from all | |
</Files> | |
# ---------------------------------------------------------------------- | |
# | WordPress Rewrite Rules - HIER NICHTS AENDERN, ODER WORDPRESS FUNKTIONIERT NICHT MEHR | |
# ---------------------------------------------------------------------- | |
# BEGIN WordPress | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase / | |
RewriteRule ^index\.php$ - [L] | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteRule . /index.php [L] | |
</IfModule> | |
# END WordPress |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment