Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# Stop spam/brute force attack logins and comments
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login).php*
RewriteCond %{HTTP_REFERER} !.*example.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
# Stop spam/brute force logins and comments
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login).php*
RewriteCond %{HTTP_REFERER} !.*(example.com|example2.com|example3.com|example4.com).* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/wp-login.php$ [NC]
RewriteRule ^.*$ - [F,L]
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^135.135.135.246$
RewriteCond %{REQUEST_URI} ^/wp-login.php$ [NC]
RewriteRule ^.*$ - [F,L]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.