coningham
2/14/2015 - 6:51 PM

Completo para wordpress, sem permalinks

Completo para wordpress, sem permalinks

# Block direct web access to WordPress include-only files.
# Each request that matches one of the [F] rules below is answered with
# 403 Forbidden instead of being executed.
# NOTE(review): if this file also has a "# BEGIN WordPress" / "# END WordPress"
# section, keep these rules outside it, since WordPress rewrites that section.
# NOTE(review): the wp-includes/*.php rule is known to interfere with
# ms-files.php on Multisite installs - confirm before using it there.
<IfModule mod_rewrite.c>
RewriteEngine On
# NOTE(review): assumes the site is served from the document root - adjust
# if WordPress lives in a subdirectory.
RewriteBase /
# Forbid everything under wp-admin/includes/.
RewriteRule ^wp-admin/includes/ - [F,L]
# Not a wp-includes/ request: skip the next three rules. The count in [S=3]
# must be updated whenever a rule is added or removed below.
RewriteRule !^wp-includes/ - [S=3]
# Forbid PHP files directly inside wp-includes/ (not in its subdirectories).
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
# Forbid PHP files under the TinyMCE language directory.
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
# Forbid everything under wp-includes/theme-compat/.
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

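# Refuse to serve Windows executables: any file name ending in .exe.
# The match is case-insensitive so that .EXE is covered on case-sensitive
# file systems as well.
<FilesMatch "(?i)\.exe$">
  # Apache 2.4+: mod_authz_core syntax (needs AllowOverride AuthConfig).
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  # Apache 2.2: legacy Order/Deny syntax (needs AllowOverride Limit).
  <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
  </IfModule>
</FilesMatch>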

# Prevent directory browsing: a directory without an index file returns
# 403 Forbidden instead of an auto-generated listing of its contents.
# Needs "AllowOverride Options" (or All) for this directory; without it
# Apache rejects the directive and answers requests with a 500 error.
Options -Indexes

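# Protect .htaccess: deny every file whose name contains ".hta" in any
# letter case. The pattern does not match .htpasswd; protect that file
# separately if one is kept inside the web root.
<Files ~ "^.*\.([Hh][Tt][Aa])">
  # Apache 2.4+: mod_authz_core syntax.
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  # Apache 2.2: legacy syntax. "Satisfy all" is a directive of its own and
  # needs its own line; the original had it on the Deny line, where it is
  # not parsed as a Satisfy directive.
  <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
    Satisfy all
  </IfModule>
</Files>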

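# mod_rewrite in per-directory context refuses to run unless FollowSymLinks
# (or SymLinksIfOwnerMatch) is enabled for the directory.
Options +FollowSymLinks

# Coarse query-string filter: answer 403 Forbidden when the query string
#   - contains "<", then "script", then ">" (brackets literal or as %3C / %3E), or
#   - names the PHP GLOBALS or _REQUEST arrays as a request parameter.
# This is defence in depth only. It inspects the query string and nothing
# else (no request body, cookies or headers), and it is a denylist, so it
# does not replace input validation and output encoding in the application.
# Wrapped in <IfModule> so a server without mod_rewrite does not fail with
# a 500 error on these directives.
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
  RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
  RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
  # [F] ignores the substitution and already implies [L], so "-" is used as
  # the substitution and no separate [L] is needed.
  RewriteRule ^ - [F]
</IfModule>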

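# Protect wp-config.php: never serve the file over HTTP. It holds the
# database credentials and the authentication keys and salts, so it must
# not be readable even if PHP handling is ever misconfigured.
<Files "wp-config.php">
  # Apache 2.4+: mod_authz_core syntax. The legacy directives below only
  # work on 2.4 when mod_access_compat is loaded.
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  # Apache 2.2: legacy Order/Deny syntax.
  <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
  </IfModule>
</Files>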