Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
.htaccess - Prevent Script Injection
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
//Source: http://wp.smashingmagazine.com/2010/07/01/10-useful-wordpress-security-tweaks/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment