Last active
January 27, 2016 15:08
-
-
Save roscabgdn/e68d3703c3ca14cb519d to your computer and use it in GitHub Desktop.
WordPress .htaccess
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# WP Security | |
# PROTECTING DIRECTORIES | |
Options -Indexes | |
#IndexIgnore *.php | |
# WHITELISTING IP ADDRESSES | |
<Files wp-login.php> | |
#Order Deny,Allow | |
#Deny from all | |
# Allow access via this IP address | |
#Allow from 92.86.102.81 | |
</Files> | |
# PROTECTING THE .HTACCESS FILE | |
<Files ~ "^.*.([Hh][Tt][Aa])"> | |
Order Allow,Deny | |
Deny from all | |
Satisfy all | |
</Files> | |
# PROTECT .htaccess | |
<Files .htaccess> | |
order allow,deny | |
deny from all | |
</Files> | |
# PROTECT wpconfig.php | |
<files wp-config.php> | |
order allow,deny | |
deny from all | |
</files> | |
# PROTECTING THE WP-INCLUDES DIRECTORY | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase /wp/ | |
RewriteRule ^wp-admin/includes/ - [F,L] | |
RewriteRule !^wp-includes/ - [S=3] | |
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] | |
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] | |
RewriteRule ^wp-includes/theme-compat/ - [F,L] | |
</IfModule> | |
#Prevent Full Path Disclosure | |
RewriteRule ^wp-includes/rss-functions\.php$ - [R=404,L,NC] | |
# END WP Security |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment