# Start (the matching "# END Better WP Security" marker appears after the rewrite rules)
# Turn off automatic directory listings.
Options -Indexes

# Example: blocking specific visitor IPs.
# A request is tagged DenyAccess when the connecting address, or the address
# carried in X-Forwarded-For / X-Cluster-Client-IP, is exactly one of the
# listed IPs.
# NOTE(review): the two header-based lines depend on values the client sends
# unless a trusted proxy overwrites them, and a proxy chain sends a
# comma-separated list that these anchored patterns will not match. Only the
# REMOTE_ADDR line is a dependable block.
SetEnvIf REMOTE_ADDR "^(118\.68\.121\.74|182\.166\.43\.117|187\.247\.58\.157)$" DenyAccess
SetEnvIf X-FORWARDED-FOR "^(118\.68\.121\.74|182\.166\.43\.117|187\.247\.58\.157)$" DenyAccess
SetEnvIf X-CLUSTER-CLIENT-IP "^(118\.68\.121\.74|182\.166\.43\.117|187\.247\.58\.157)$" DenyAccess

# Apache 2.2-style access control: allow everyone, then deny any request
# tagged DenyAccess (with "Order Allow,Deny" a matching Deny wins).
# On Apache 2.4 these directives require mod_access_compat.
Order Allow,Deny
Deny from env=DenyAccess
Allow from all
# Refuse every web request for files that reveal configuration or version
# details: this .htaccess itself, the WordPress readme files, the installer,
# and wp-config.php (which holds the database credentials and auth salts).
# Order/Deny is Apache 2.2 syntax; on 2.4 it needs mod_access_compat, and the
# native equivalent is "Require all denied".
<FilesMatch "^(\.htaccess|readme\.html|readme\.txt|install\.php|wp-config\.php)$">
Order allow,deny
Deny from all
</FilesMatch>
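# Better WP Security rewrite rules. Order matters throughout: the [S=3] skip
# counts the rules that follow it, and every RewriteCond chain binds to the
# next RewriteRule only.
<IfModule mod_rewrite.c>
RewriteEngine On
# Forbid direct requests into wp-admin/includes/.
RewriteRule ^wp-admin/includes/ - [F,L]
# Paths outside wp-includes/ skip the next three rules.
RewriteRule !^wp-includes/ - [S=3]
# Forbid direct execution of top-level wp-includes/*.php (ms-files.php is
# exempt), PHP files under the TinyMCE langs directory, and theme-compat/.
RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
# Answer TRACE, DELETE and TRACK requests with 403.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]
# Query-string blocklist: if ANY of the OR-ed patterns below matches, and none
# of the exemptions after them applies, the request gets 403.
# NOTE(review): this is substring matching on the raw query string. It will
# reject legitimate requests (any value containing "select", "http:", "=" at
# the end, ...) and does not replace input validation in the application.
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
RewriteCond %{QUERY_STRING} http\: [NC,OR]
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
# NOTE(review): this pattern was published with its HTML character references
# decoded, which left empty alternatives ("||") that match every query string
# and therefore made the whole OR chain true for every request. The seven
# characters are restored to their &#x..; forms here; compare with the
# plugin-generated file before deploying.
RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|concat|insert|union|declare).* [NC]
# Exemptions from the blocklist: logout / password-reset query strings, any
# request carrying a cookie whose name contains wordpress_logged_in_, and
# requests whose Referer starts with the Google Maps API host.
# NOTE(review): cookie names and Referer are supplied by the client and are
# only tested for presence here, so these exemptions are a convenience for
# real users, not an access control. WordPress authentication remains the
# actual gate.
RewriteCond %{QUERY_STRING} !^loggedout=true
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteCond %{HTTP_REFERER} !^http://maps\.googleapis\.com(.*)$
RewriteRule ^(.*)$ - [F,L]
# "Hide backend": /login, /admin and /register redirect to the real WordPress
# URLs with the site key appended as the first query-string token.
# NOTE(review): 6frnwmexv5mzpd3co6dai is this install's hide-backend key. It
# is a per-site secret, so a key that has appeared in a published example
# should be regenerated in the plugin rather than reused.
RewriteRule ^login/?$ /wp-login.php?6frnwmexv5mzpd3co6dai [R,L]
# /admin without a logged-in cookie goes to the login form first ...
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^admin/?$ /wp-login.php?6frnwmexv5mzpd3co6dai&redirect_to=/wp-admin/ [R,L]
# ... otherwise straight to the dashboard.
RewriteRule ^admin/?$ /wp-admin/?6frnwmexv5mzpd3co6dai [R,L]
RewriteRule ^register/?$ /wp-login.php?6frnwmexv5mzpd3co6dai&action=register [R,L]
# Requests for wp-admin or wp-login.php are redirected to /not_found unless
# one of these holds: the script is admin-ajax.php, the Referer points at one
# of the site's own login/admin URLs, the query string starts with the key or
# with a logout / reset / register / postpass action, or a logged-in cookie
# is present.
# NOTE(review): the Referer patterns have an unescaped "." in "or.id" and an
# open "^(.*)" prefix, so any Referer that merely contains the suffix
# qualifies; the host part looks truncated and should presumably be the full
# site domain. Referer is client-supplied in any case.
RewriteCond %{SCRIPT_FILENAME} !^(.*)admin-ajax\.php
RewriteCond %{HTTP_REFERER} !^(.*)or.id/wp-admin
RewriteCond %{HTTP_REFERER} !^(.*)or.id/wp-login\.php
RewriteCond %{HTTP_REFERER} !^(.*)or.id/login
RewriteCond %{HTTP_REFERER} !^(.*)or.id/admin
RewriteCond %{HTTP_REFERER} !^(.*)or.id/register
RewriteCond %{QUERY_STRING} !^6frnwmexv5mzpd3co6dai
RewriteCond %{QUERY_STRING} !^action=logout
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{QUERY_STRING} !^action=register
RewriteCond %{QUERY_STRING} !^action=postpass
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^.*wp-admin/?|^.*wp-login\.php /not_found [R,L]
# After logout, send the browser back to the keyed login URL.
RewriteCond %{QUERY_STRING} ^loggedout=true
RewriteRule ^.*$ /wp-login.php?6frnwmexv5mzpd3co6dai [R,L]
</IfModule>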
# END Better WP Security
# BEGIN WordPress
# WordPress front-controller rules: any request that does not match an
# existing file or directory is handed to /index.php.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# A request that is already index.php is left unchanged and processing stops.
RewriteRule ^index\.php$ - [L]
# The two conditions below apply only to the rule that follows them:
# the path must be neither an existing file (-f) nor an existing directory (-d).
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress