# BEGIN All In One WP Security #AIOWPS_BASIC_HTACCESS_RULES_START Require all denied Order deny,allow Deny from all ServerSignature Off LimitRequestBody 10240000 Require all denied Order deny,allow Deny from all #AIOWPS_BASIC_HTACCESS_RULES_END #AIOWPS_PINGBACK_HTACCESS_RULES_START Require all denied Order deny,allow Deny from all #AIOWPS_PINGBACK_HTACCESS_RULES_END #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_START Require all denied Order deny,allow Deny from all #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_END #AIOWPS_DISABLE_INDEX_VIEWS_START Options -Indexes #AIOWPS_DISABLE_INDEX_VIEWS_END #AIOWPS_IP_BLACKLIST_START Order allow,deny Allow from all Deny from 5.188.62.5 Require all granted Require not ip 5.188.62.5 #AIOWPS_IP_BLACKLIST_END #AIOWPS_DISABLE_TRACE_TRACK_START RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #AIOWPS_DISABLE_TRACE_TRACK_END #AIOWPS_FORBID_PROXY_COMMENTS_START RewriteEngine On RewriteCond %{REQUEST_METHOD} ^POST RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule wp-comments-post\.php - [F] #AIOWPS_FORBID_PROXY_COMMENTS_END #AIOWPS_DENY_BAD_QUERY_STRINGS_START RewriteEngine On RewriteCond %{QUERY_STRING} ftp: [NC,OR] RewriteCond %{QUERY_STRING} http: [NC,OR] RewriteCond %{QUERY_STRING} https: [NC,OR] RewriteCond %{QUERY_STRING} mosConfig [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(request|insert|union|declare|drop) [NC] RewriteRule ^(.*)$ - [F,L] RewriteRule ^sitemap_index.xml /SitemapIndex.xml [R,L,NC] #AIOWPS_DENY_BAD_QUERY_STRINGS_END #AIOWPS_ADVANCED_CHAR_STRING_FILTER_START RedirectMatch 403 \, RedirectMatch 403 \: RedirectMatch 403 \; RedirectMatch 403 \= RedirectMatch 403 \[ RedirectMatch 403 \] RedirectMatch 403 \^ RedirectMatch 403 \` RedirectMatch 403 \{ RedirectMatch 403 \} RedirectMatch 403 \~ RedirectMatch 403 \" RedirectMatch 403 \$ RedirectMatch 403 \< RedirectMatch 403 \> RedirectMatch 403 \| RedirectMatch 403 \.\. RedirectMatch 403 \%0 RedirectMatch 403 \%A RedirectMatch 403 \%B RedirectMatch 403 \%C RedirectMatch 403 \%D RedirectMatch 403 \%E RedirectMatch 403 \%F RedirectMatch 403 \%22 RedirectMatch 403 \%27 RedirectMatch 403 \%28 RedirectMatch 403 \%29 RedirectMatch 403 \%3C RedirectMatch 403 \%3E RedirectMatch 403 \%3F RedirectMatch 403 \%5B RedirectMatch 403 \%5C RedirectMatch 403 \%5D RedirectMatch 403 \%7B RedirectMatch 403 \%7C RedirectMatch 403 \%7D # COMMON PATTERNS Redirectmatch 403 \_vpi RedirectMatch 403 \.inc Redirectmatch 403 xAou6 Redirectmatch 403 db\_name Redirectmatch 403 select$ Redirectmatch 403 convert\( Redirectmatch 403 \/query\/ RedirectMatch 403 ImpEvData Redirectmatch 403 \.XMLHTTP Redirectmatch 403 proxydeny RedirectMatch 403 function\. Redirectmatch 403 remoteFile Redirectmatch 403 servername Redirectmatch 403 \&rptmode\= Redirectmatch 403 sys\_cpanel RedirectMatch 403 db\_connect RedirectMatch 403 doeditconfig RedirectMatch 403 check\_proxy Redirectmatch 403 system\_user Redirectmatch 403 \/\(null$\/ Redirectmatch 403 clientrequest Redirectmatch 403 option\_value RedirectMatch 403 ref\.outcontrol # SPECIFIC EXPLOITS RedirectMatch 403 errors\. RedirectMatch 403 config\. RedirectMatch 403 include\. RedirectMatch 403 display\. RedirectMatch 403 register\. Redirectmatch 403 password\. RedirectMatch 403 maincore\. RedirectMatch 403 authorize\. Redirectmatch 403 macromates\. RedirectMatch 403 head\_auth\. RedirectMatch 403 submit\_links\. RedirectMatch 403 change\_action\. Redirectmatch 403 com\_facileforms\/ RedirectMatch 403 admin\_db\_utilities\. RedirectMatch 403 admin\.webring\.docs\. Redirectmatch 403 Table\/Latest\/index\. #AIOWPS_ADVANCED_CHAR_STRING_FILTER_END #AIOWPS_BLOCK_SPAMBOTS_START RewriteEngine On RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$ RewriteCond %{HTTP_REFERER} !^http(s)?://(.*)?\.lifeofthesaltonsea\.org [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule .* http://127.0.0.1 [L] #AIOWPS_BLOCK_SPAMBOTS_END #AIOWPS_LOGIN_WHITELIST_START Order Allow,Deny Allow from lifeofthesaltonsea.org Allow from 96.77.203.195 Allow from 192.168.150.0/24 Allow from 192.168.2.0/24 Allow from 192.168.22.0/24 Allow from 76.212.87.49 Allow from 76.212.87.50 Allow from 76.212.87.51 Allow from 76.212.87.52 Allow from 76.212.87.53 Allow from 96.77.203.193 Allow from 96.77.203.194 Allow from 96.77.203.195 Allow from 96.77.203.196 Allow from 96.77.203.197 Require all denied Require local Require ip 127.0.0.1 Require host lifeofthesaltonsea.org Require ip 192.168.150.0/24 Require ip 192.168.2.0/24 Require ip 192.168.22.0/24 Require ip 76.212.87.49 Require ip 76.212.87.50 Require ip 76.212.87.51 Require ip 76.212.87.52 Require ip 76.212.87.53 Require ip 96.77.203.193 Require ip 96.77.203.194 Require ip 96.77.203.195 Require ip 96.77.203.196 Require ip 96.77.203.197 #AIOWPS_LOGIN_WHITELIST_END #AIOWPS_PREVENT_IMAGE_HOTLINKS_START RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{REQUEST_FILENAME} -f RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(.*)?\.lifeofthesaltonsea\.org [NC] RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L] #AIOWPS_PREVENT_IMAGE_HOTLINKS_END # END All In One WP Security # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress RewriteEngine On RewriteRule ^sitemap_index.xml /SitemapIndex.xml [R,L,NC]