.htaccess ######################################################################## # OPTIMAL .htaccess FILE FOR SPEED AND SECURITY @Version 2.0.6 - 10/2022 # ---------------------------------------------------------------------- #Credit @Author: Andreas Hecht ######################################################################## # ----------------------------------------------------------------------# Rewrite from HTTP to HTTPS - if you want to use it, comment it out
# ---------------------------------------------------------------------- ##RewriteEngine On #RewriteCond %{HTTPS} !=on #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # # ----------------------------------------------------------------------# | Activate COR
# ----------------------------------------------------------------------# ----------------------------------------------------------------------- # | Header set Access-Control-Allow-Origin "*" 404 Fix: Block Nuisance Requests for Non-Existent Files
- New in 2018 # https://perishablepress.com/block-nuisance-requests - @Update 2019 # -----------------------------------------------------------------------RedirectMatch 403 (?i)\.php\.suspected RedirectMatch 403 (?i)apple-app-site-association RedirectMatch 403 (?i)/autodiscover/autodiscover.xml # ---------------------------------------------------------------------- # |Compressing and Caching
- Version 2022 Update javascript modules | # ---------------------------------------------------------------------- # Serve resources with far-future expires headers. # # (!) If you don't control versioning with filename-based # cache busting, you should consider lowering the cache times # to something like one week. # # https://httpd.apache.org/docs/current/mod/mod_expires.htmlExpiresActive on ExpiresDefault "access plus 1 month" # CSS ExpiresByType text/css "access plus 1 year" # Data interchange ExpiresByType application/atom+xml "access plus 1 hour" ExpiresByType application/rdf+xml "access plus 1 hour" ExpiresByType application/rss+xml "access plus 1 hour" ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/ld+json "access plus 0 seconds" ExpiresByType application/schema+json "access plus 0 seconds" ExpiresByType application/vnd.geo+json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # Favicon (cannot be renamed!) and cursor images ExpiresByType image/vnd.microsoft.icon "access plus 1 week" ExpiresByType image/x-icon "access plus 1 week" # HTML - No Caching ExpiresByType text/html "access plus 0 seconds" # JavaScript ExpiresByType application/javascript "access plus 1 year" ExpiresByType application/x-javascript "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" # Manifest files ExpiresByType application/manifest+json "access plus 1 week" ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" ExpiresByType text/cache-manifest "access plus 0 seconds" # Update 2020: Google recommendation: cache duration increased to 1 year # @see: https://web.dev/uses-long-cache-ttl/ # Media files ExpiresByType audio/ogg "access plus 1 year" ExpiresByType image/bmp "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType video/mp4 "access plus 1 year" ExpiresByType video/ogg "access plus 1 year" ExpiresByType video/webm "access plus 1 year" # Web fonts # Embedded OpenType (EOT) ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType font/eot "access plus 1 year" # OpenType ExpiresByType font/opentype "access plus 1 year" # TrueType ExpiresByType application/x-font-ttf "access plus 1 year" # Web Open Font Format (WOFF) 1.0 ExpiresByType application/font-woff "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType font/woff "access plus 1 year" # Web Open Font Format (WOFF) 2.0 ExpiresByType application/font-woff2 "access plus 1 year" # Other ExpiresByType text/x-cross-domain-policy "access plus 1 week" # Insert filters / compress text, html, javascript, css, xml: AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/vtt AddOutputFilterByType DEFLATE text/x-component AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/js AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/x-httpd-php AddOutputFilterByType DEFLATE application/x-httpd-fastphp AddOutputFilterByType DEFLATE application/atom+xml AddOutputFilterByType DEFLATE application/json AddOutputFilterByType DEFLATE application/ld+json AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/font-woff2 AddOutputFilterByType DEFLATE application/x-font-woff AddOutputFilterByType DEFLATE application/x-web-app-manifest+json font/woff AddOutputFilterByType DEFLATE font/woff AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon # Exception: Images SetEnvIfNoCase REQUEST_URI \.(?:gif|jpg|jpeg|png|svg)$ no-gzip dont-vary # Drop problematic browsers BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html # Make sure proxies don't deliver the wrong content Header append Vary User-Agent env=!dont-vary #Alternative caching using Apache's "mod_headers", if it's installed.
#Caching of common files - ENABLEDHeader set Cache-Control "max-age=31536000, public" Header append Vary Accept-Encoding # Set Keep Alive Header
Header set Connection keep-alive # If your server don't support ETags deactivate with "None" (and remove header)
Header unset ETag FileETag None# ---------------------------------------------------------------------- # Header append Vary: Accept-Encoding 7G Firewall for Security - Do not change this part @Update 2021
# ---------------------------------------------------------------------- # 7G FIREWALL v1.5 20211103 # @ https://perishablepress.com/7g-firewall/ # 7G:[CORE] ServerSignature Off Options -Indexes RewriteEngine On RewriteBase / # 7G:[QUERY STRING]RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR] RewriteCond %{QUERY_STRING} (/|%2f)(:|%3a)(/|%2f) [NC,OR] RewriteCond %{QUERY_STRING} (order(\s|%20)by(\s|%20)1--) [NC,OR] RewriteCond %{QUERY_STRING} (/|%2f)(\*|%2a)(\*|%2a)(/|%2f) [NC,OR] RewriteCond %{QUERY_STRING} (`|<|>|\^|\|\\|0x00|%00|%0d%0a) [NC,OR] RewriteCond %{QUERY_STRING} (ckfinder|fck|fckeditor|fullclick) [NC,OR] RewriteCond %{QUERY_STRING} ((.*)header:|(.*)set-cookie:(.*)=) [NC,OR] RewriteCond %{QUERY_STRING} (cmd|command)(=|%3d)(chdir|mkdir)(.*)(x20) [NC,OR] RewriteCond %{QUERY_STRING} (globals|mosconfig([a-z_]{1,22})|request)(=|\[) [NC,OR] RewriteCond %{QUERY_STRING} (/|%2f)((wp-)?config)((\.|%2e)inc)?((\.|%2e)php) [NC,OR] RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumbs?)?)((\.|%2e)php) [NC,OR] RewriteCond %{QUERY_STRING} (absolute_|base|root_)(dir|path)(=|%3d)(ftp|https?) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127(\.|%2e)0(\.|%2e)0(\.|%2e)1) [NC,OR] RewriteCond %{QUERY_STRING} (s)?(ftp|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR] RewriteCond %{QUERY_STRING} (\.|20)(get|the)(_|%5f)(permalink|posts_page_url)(\(|%28) [NC,OR] RewriteCond %{QUERY_STRING} ((boot|win)((\.|%2e)ini)|etc(/|%2f)passwd|self(/|%2f)environ) [NC,OR] RewriteCond %{QUERY_STRING} (((/|%2f){3,3})|((\.|%2e){3,3})|((\.|%2e){2,2})(/|%2f|%u2215)) [NC,OR] RewriteCond %{QUERY_STRING} (benchmark|char|exec|fopen|function|html)(.*)(\(|%28)(.*)(\)|%29) [NC,OR] RewriteCond %{QUERY_STRING} (php)([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) [NC,OR] RewriteCond %{QUERY_STRING} (e|%65|%45)(v|%76|%56)(a|%61|%31)(l|%6c|%4c)(.*)(\(|%28)(.*)(\)|%29) [NC,OR] RewriteCond %{QUERY_STRING} (/|%2f)(=|%3d|$&|_mm|cgi(\.|-)|inurl(:|%3a)(/|%2f)|(mod|path)(=|%3d)(\.|%2e)) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3c)(.*)(e|%65|%45)(m|%6d|%4d)(b|%62|%42)(e|%65|%45)(d|%64|%44)(.*)(>|%3e) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3c)(.*)(i|%69|%49)(f|%66|%46)(r|%72|%52)(a|%61|%41)(m|%6d|%4d)(e|%65|%45)(.*)(>|%3e) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3c)(.*)(o|%4f|%6f)(b|%62|%42)(j|%4a|%6a)(e|%65|%45)(c|%63|%43)(t|%74|%54)(.*)(>|%3e) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3c)(.*)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(.*)(>|%3e) [NC,OR] RewriteCond %{QUERY_STRING} (\+|%2b|%20)(d|%64|%44)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR] RewriteCond %{QUERY_STRING} (\+|%2b|%20)(i|%69|%49)(n|%6e|%4e)(s|%73|%53)(e|%65|%45)(r|%72|%52)(t|%74|%54)(\+|%2b|%20) [NC,OR] RewriteCond %{QUERY_STRING} (\+|%2b|%20)(s|%73|%53)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(c|%63|%43)(t|%74|%54)(\+|%2b|%20) [NC,OR] RewriteCond %{QUERY_STRING} (\+|%2b|%20)(u|%75|%55)(p|%70|%50)(d|%64|%44)(a|%61|%41)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR] RewriteCond %{QUERY_STRING} (\\x00|(\"|%22|\'|%27)?0(\"|%22|\'|%27)?(=|%3d)(\"|%22|\'|%27)?0|cast(\(|%28)0x|or%201(=|%3d)1) [NC,OR] RewriteCond %{QUERY_STRING} (g|%67|%47)(l|%6c|%4c)(o|%6f|%4f)(b|%62|%42)(a|%61|%41)(l|%6c|%4c)(s|%73|%53)(=|\[|%[0-9A-Z]{0,2}) [NC,OR] RewriteCond %{QUERY_STRING} (_|%5f)(r|%72|%52)(e|%65|%45)(q|%71|%51)(u|%75|%55)(e|%65|%45)(s|%73|%53)(t|%74|%54)(=|\[|%[0-9A-Z]{2,}) [NC,OR] RewriteCond %{QUERY_STRING} (j|%6a|%4a)(a|%61|%41)(v|%76|%56)(a|%61|%31)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(:|%3a)(.*)(;|%3b|\)|%29) [NC,OR] RewriteCond %{QUERY_STRING} (b|%62|%42)(a|%61|%41)(s|%73|%53)(e|%65|%45)(6|%36)(4|%34)(_|%5f)(e|%65|%45|d|%64|%44)(e|%65|%45|n|%6e|%4e)(c|%63|%43)(o|%6f|%4f)(d|%64|%44)(e|%65|%45)(.*)(\()(.*)(\)) [NC,OR] RewriteCond %{QUERY_STRING} (@copy|\$_(files|get|post)|allow_url_(fopen|include)|auto_prepend_file|blexbot|browsersploit|(c99|php)shell|curl(_exec|test)|disable_functions?|document_root|elastix|encodeuricom|exploit|fclose|fgets|file_put_contents|fputs|fsbuff|fsockopen|gethostbyname|grablogin|hmei7|input_file|null|open_basedir|outfile|passthru|phpinfo|popen|proc_open|quickbrute|remoteview|root_path|safe_mode|shell_exec|site((.){0,2})copier|sux0r|trojan|user_func_array|wget|xertive) [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|\'|\"|\)|%0a|%0d|%22|%27|%3c|%3e|%00)(.*)(/\*|alter|base64|benchmark|cast|concat|convert|create|encode|declare|delete|drop|insert|md5|request|script|select|set|union|update) [NC,OR] RewriteCond %{QUERY_STRING} ((\+|%2b)(concat|delete|get|select|union)(\+|%2b)) [NC,OR] RewriteCond %{QUERY_STRING} (union)(.*)(select)(.*)(\(|%28) [NC,OR] RewriteCond %{QUERY_STRING} (concat|eval)(.*)(\(|%28) [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_QUERY_STRING:%1___%2___%3] # 7G:[REQUEST URI]RewriteCond %{REQUEST_URI} (\^|`|<|>|\\|\|) [NC,OR] RewriteCond %{REQUEST_URI} ([a-z0-9]{2000,}) [NC,OR] RewriteCond %{REQUEST_URI} (=?\\(\'|%27)/?)(\.) [NC,OR] RewriteCond %{REQUEST_URI} (/)(\*|\"|\'|\.|,|&|&?)/?$ [NC,OR] RewriteCond %{REQUEST_URI} (\.)(php)(\()?([0-9]+)(\))?(/)?$ [NC,OR] RewriteCond %{REQUEST_URI} (/)(vbulletin|boards|vbforum)(/)? [NC,OR] RewriteCond %{REQUEST_URI} /((.*)header:|(.*)set-cookie:(.*)=) [NC,OR] RewriteCond %{REQUEST_URI} (/)(ckfinder|fck|fckeditor|fullclick) [NC,OR] RewriteCond %{REQUEST_URI} (\.(s?ftp-?)config|(s?ftp-?)config\.) [NC,OR] RewriteCond %{REQUEST_URI} (\{0\}|\"?0\"?=\"?0|\(/\(|\.\.\.|\+\+\+|\\\") [NC,OR] RewriteCond %{REQUEST_URI} (thumbs?(_editor|open)?|tim(thumbs?)?)(\.php) [NC,OR] RewriteCond %{REQUEST_URI} (\.|20)(get|the)(_)(permalink|posts_page_url)(\() [NC,OR] RewriteCond %{REQUEST_URI} (///|\?\?|/&&|/\*(.*)\*/|/:/|\\\\|0x00|%00|%0d%0a) [NC,OR] RewriteCond %{REQUEST_URI} (/%7e)(root|ftp|bin|nobody|named|guest|logs|sshd)(/) [NC,OR] RewriteCond %{REQUEST_URI} (/)(etc|var)(/)(hidden|secret|shadow|ninja|passwd|tmp)(/)?$ [NC,OR] RewriteCond %{REQUEST_URI} (s)?(ftp|http|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR] RewriteCond %{REQUEST_URI} (/)(=|\$&?|&?(pws|rk)=0|_mm|_vti_|cgi(\.|-)?|(=|/|;|,)nt\.) [NC,OR] RewriteCond %{REQUEST_URI} (\.)(ds_store|htaccess|htpasswd|init?|mysql-select-db)(/)?$ [NC,OR] RewriteCond %{REQUEST_URI} (/)(bin)(/)(cc|chmod|chsh|cpp|echo|id|kill|mail|nasm|perl|ping|ps|python|tclsh)(/)?$ [NC,OR] RewriteCond %{REQUEST_URI} (/)(::[0-9999]|%3a%3a[0-9999]|127\.0\.0\.1|localhost|loopback|makefile|pingserver|wwwroot)(/)? [NC,OR] RewriteCond %{REQUEST_URI} (\(null\)|\{\$itemURL\}|cAsT\(0x|echo(.*)kae|etc/passwd|eval\(|self/environ|\+union\+all\+select) [NC,OR] RewriteCond %{REQUEST_URI} (/)?j((\s)+)?a((\s)+)?v((\s)+)?a((\s)+)?s((\s)+)?c((\s)+)?r((\s)+)?i((\s)+)?p((\s)+)?t((\s)+)?(%3a|:) [NC,OR] RewriteCond %{REQUEST_URI} (/)(awstats|(c99|php|web)shell|document_root|error_log|listinfo|muieblack|remoteview|site((.){0,2})copier|sqlpatch|sux0r) [NC,OR] RewriteCond %{REQUEST_URI} (/)((php|web)?shell|crossdomain|fileditor|locus7|nstview|php(get|remoteview|writer)|r57|remview|sshphp|storm7|webadmin)(.*)(\.|\() [NC,OR] RewriteCond %{REQUEST_URI} (/)(author-panel|bitrix|class|database|(db|mysql)-?admin|filemanager|htdocs|httpdocs|https?|mailman|mailto|msoffice|mysql|_?php-my-admin(.*)|tmp|undefined|usage|var|vhosts|webmaster|www)(/) [NC,OR] RewriteCond %{REQUEST_URI} (base64_(en|de)code|benchmark|child_terminate|curl_exec|e?chr|eval|function|fwrite|(f|p)open|html|leak|passthru|p?fsockopen|phpinfo|posix_(kill|mkfifo|setpgid|setsid|setuid)|proc_(close|get_status|nice|open|terminate)|(shell_)?exec|system)(.*)(\()(.*)(\)) [NC,OR] RewriteCond %{REQUEST_URI} (/)(^$|00.temp00|0day|3index|3xp|70bex?|admin_events|bkht|(php|web)?shell|c99|config(\.)?bak|curltest|db|dompdf|filenetworks|hmei7|index\.php/index\.php/index|jahat|kcrew|keywordspy|libsoft|marg|mobiquo|mysql|nessus|php-?info|racrew|sql|vuln|(web-?|wp-)?(conf\b|config(uration)?)|xertive)(\.php) [NC,OR] RewriteCond %{REQUEST_URI} (\.)(7z|ab4|ace|afm|ashx|aspx?|bash|ba?k?|bin|bz2|cfg|cfml?|cgi|conf\b|config|ctl|dat|db|dist|dll|eml|engine|env|et2|exe|fec|fla|git|hg|inc|ini|inv|jsp|log|lqd|make|mbf|mdb|mmw|mny|module|old|one|orig|out|passwd|pdb|phtml|pl|profile|psd|pst|ptdb|pwd|py|qbb|qdf|rar|rdf|save|sdb|sql|sh|soa|svn|swf|swl|swo|swp|stx|tar|tax|tgz|theme|tls|tmd|wow|xtmpl|ya?ml|zlib)$ [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3] # 7G:[USER AGENT]RewriteCond %{HTTP_USER_AGENT} ([a-z0-9]{2000,}) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (<|%0a|%0d|%27|%3c|%3e|%00|0x00) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (ahrefs|alexibot|majestic|mj12bot|rogerbot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ((c99|php|web)shell|remoteview|site((.){0,2})copier) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (econtext|eolasbot|eventures|liebaofast|nominet|oppo\sa33) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (base64_decode|bin/bash|disconnect|eval|lwp-download|unserialize|\\\x22) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (acapbot|acoonbot|asterias|attackbot|backdorbot|becomebot|binlar|blackwidow|blekkobot|blexbot|blowfish|bullseye|bunnys|butterfly|careerbot|casper|checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|cy_cho|datacha|demon|diavol|discobot|dittospyder|dotbot|dotnetdotcom|dumbot|emailcollector|emailsiphon|emailwolf|extract|eyenetie|feedfinder|flaming|flashget|flicky|foobot|g00g1e|getright|gigabot|go-ahead-got|gozilla|grabnet|grafula|harvest|heritrix|httrack|icarus6j|jetbot|jetcar|jikespider|kmccrew|leechftp|libweb|linkextractor|linkscan|linkwalker|loader|masscan|miner|mechanize|morfeus|moveoverbot|netmechanic|netspider|nicerspro|nikto|ninja|nutch|octopus|pagegrabber|petalbot|planetwork|postrank|proximic|purebot|pycurl|python|queryn|queryseeker|radian6|radiation|realdownload|scooter|seekerspider|semalt|siclab|sindice|sistrix|sitebot|siteexplorer|sitesnagger|skygrid|smartdownload|snoopy|sosospider|spankbot|spbot|sqlmap|stackrambler|stripper|sucker|surftbot|sux0r|suzukacz|suzuran|takeout|teleport|telesoft|true_robots|turingos|turnit|vampire|vikspider|voideye|webleacher|webreaper|webstripper|webvac|webviewer|webwhacker|winhttp|wwwoffle|woxbot|xaldon|xxxyy|yamanalab|yioopbot|youda|zeus|zmeu|zune|zyborg) [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_USER_AGENT:%1] # 7G:[REMOTE HOST]RewriteCond %{REMOTE_HOST} (163data|amazonaws|colocrossing|crimea|g00g1e|justhost|kanagawa|loopia|masterhost|onlinehome|poneytel|sprintdatacenter|reverse.softlayer|safenet|ttnet|woodpecker|wowrack) [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_REMOTE_HOST:%1] # 7G:[HTTP REFERRER]RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC,OR] RewriteCond %{HTTP_REFERER} (order(\s|%20)by(\s|%20)1--) [NC,OR] RewriteCond %{HTTP_REFERER} (blue\spill|cocaine|ejaculat|erectile|erections|hoodia|huronriveracres|impotence|levitra|libido|lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby|ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo) [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_HTTP_REFERRER:%1] # 7G:[REQUEST METHOD]RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|trace|track) [NC] RewriteRule .* - [F,L] # RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_METHOD:%1] ################################################################# #7G Addon: Stop Aggressive Scanning for Uploads-Related Targets
# https://perishablepress.com/stop-aggressive-scanning-uploads/ ################################################################## RewriteCond %{REQUEST_URI} /php(unit)?/ [NC,OR] # RewriteCond %{REQUEST_URI} \.(aspx?|env|git(ignore)?|phtml|rar|well-known) [NC,OR] # RewriteCond %{REQUEST_URI} /(cms|control_panel|dashboard|home_url=|lr-admin|manager|panel|staff|webadmin) [NC,OR] # RewriteCond %{REQUEST_URI} /(adm(in)?|blog|cache|checkout|controlpanel|ecommerce|export|magento(-1|web)?|market(place)?|mg|onli(n|k)e|orders?|shop|tmplconnector|uxm|web?store)/ [NC,OR] RewriteCond %{REQUEST_URI} (_timthumb_|timthumb.php) [NC,OR] RewriteCond %{REQUEST_URI} /(install|wp-config|xmlrpc)\.php [NC,OR] RewriteCond %{REQUEST_URI} /(uploadify|uploadbg|up__uzegp)\.php [NC,OR] RewriteCond %{REQUEST_URI} /(comm\.js|mysql-date-function|simplebootadmin|vuln\.htm|www\.root\.) [NC,OR] RewriteCond %{REQUEST_URI} /(admin-uploadify|fileupload|jquery-file-upload|upload_file|upload|uploadify|webforms)/ [NC,OR] RewriteCond %{REQUEST_URI} /(ajax_pluginconf|apikey|connector(.minimal)?|eval-stdin|f0x|login|router|setup-config|sssp|vuln|xattacker)\.php [NC] RewriteRule .* - [F,L] # ---------------------------------------------------------------------- #Block WordPress files from outside access
# ---------------------------------------------------------------------- # No access to the install.phpOrder allow,deny Deny from all # No access to the wp-config.phpOrder allow,deny Deny from all # No access to the readme.htmlOrder Allow,Deny Deny from all Satisfy all # No access to the liesmich.html for DE EditionOrder Allow,Deny Deny from all Satisfy all # No error log accessOrder allow,deny Deny from all #No access to the .htaccess und .htpasswdOrder deny,allow Deny from all # Block access to includes folderRewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] # ---------------------------------------------------------------------- # |Blocking the »ReallyLongRequest« Bandit - New in 2018
# https://perishablepress.com/blocking-reallylongrequest-bandit/ # ----------------------------------------------------------------------RewriteCond %{REQUEST_METHOD} .* [NC] RewriteCond %{THE_REQUEST} (YesThisIsAReallyLongRequest|ScanningForResearchPurpose) [NC,OR] RewriteCond %{QUERY_STRING} (YesThisIsAReallyLongRequest|ScanningForResearchPurpose) [NC] RewriteRule .* - [F,L] # -------------------------------------------------------------------------------------------- #Ultimate hotlink protection
- IMPORTANT: Change »?domain\« in line 361 to your domain name # Example: ?andreas-hecht\ ### if you do not use https, change https in line 361 to http # -------------------------------------------------------------------------------------------- ## RewriteEngine on # RewriteCond %{HTTP_REFERER} !^$ # RewriteCond %{REQUEST_FILENAME} -f # RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC] # RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?domain\. [NC] # RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L] # # ---------------------------------------------------------------------- #Protect your WordPress Login with HTTP Authentification
# ---------------------------------------------------------------------- # If you want to use it, comment it out and set your path to .htpasswd ##AuthName "Admin-Bereich" #AuthType Basic #AuthUserFile /usr/local/www/apache24/your-path/your-domain.com/.htpasswd #require valid-user # # ---------------------------------------------------------------------- #Switch off the security risk XML-RPC interface completely
# ---------------------------------------------------------------------- ### @see https://digwp.com/2009/06/xmlrpc-php-security/Order Deny,Allow Deny from all # ----------------------------------------------------------------------------- #HTTP SECURITY HEADER
| Test on: https://securityheaders.com | UPDATE 05/2022 # ----------------------------------------------------------------------------- ### @see https://scotthelme.co.uk/hardening-your-http-response-headers ### UPDATE 2022 ## No-Referrer-HeaderHeader set Referrer-Policy "no-referrer" ## Strict Origin when cross origin Header #@see https://scotthelme.co.uk/a-new-security-header-referrer-policy/Header set Referrer-Policy "strict-origin-when-cross-origin" ## X-FRAME-OPTIONS-HeaderHeader set X-Frame-Options "sameorigin" ## X-XSS-PROTECTION-HeaderHeader set X-XSS-Protection "1; mode=block" ## X-Content-Type-Options-HeaderHeader set X-Content-Type-Options "nosniff" ## Strict-Transport-Security-Header - for HTTPSHeader set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" ## This prevents that false issued certificates for this website can be used unnoticed. (Experimental) ## @see https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-02Header set Expect-CT "enforce, max-age=21600" # Upgrade Insecure Requests to prevent mixed contentHeader always set Content-Security-Policy "upgrade-insecure-requests" # Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. ## Tutorial: https://github.com/w3c/webappsec-permissions-policy/blob/main/permissions-policy-explainer.mdHeader always set Permissions-Policy "geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)" # ---------------------------------------------------------------------- # Theoriginal WordPress Rewrite Rules
- Do not change anything here, # except you are using a WordPress Multisite # ---------------------------------------------------------------------- # BEGIN WordPress.RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress
1. How to Create a DMARC Record
Setup DMARC record on your domain. We’re going to copy a generic record that will work with any host.
First Check Your DNS With a DMARC Analyzer
2. Add data Zone Records
go to your cpanel select dns zone record after that select Add "TXT" Record check below image
3. DMRC Value Input in text record
if you have no idea then you simple add this text record with your email id.
v=DMARC1;p=none;sp=none;adkim=s;aspf=s;pct=100;fo=0;rf=afrf;ri=86400;rua=mailto:xyz@xyz.com,mailto:xyz1@xyz.com
In this tutorial we learn how to redirect shop page to specific page
1. WooCommerce Shop URL Redirect to !
// Redirect WooCommerce Shop URL
function wc_shop_url_redirect() {
if( is_shop() ){
wp_redirect( home_url( '/tutorials/' ) ); // Assign custom internal page here
exit();
}
}
add_action( 'template_redirect', 'wc_shop_url_redirect' )Woocommerce is best plugin in current market after it's sucess lots of demand
we cover in this articale how to add/remove fuctionality in woocommerce theme, these code snippets help you building your dynamic site
1 . Third party theme support WooCommerce snippet
code is used for declaring WooCommerce support in your theme
function woocommerce_support() {
add_theme_support( 'woocommerce' );
}
add_action( 'after_setup_theme', 'woocommerce_support' );
2 . How to Change shop page title
you can replace woocommerce default shop page via WC snippet
function wc_shop_page_title( $page_title ) {
if( 'Shop' == $page_title) {
return "Usercode shop";
}
}
add_filter( 'woocommerce_page_title', 'wc_shop_page_title');
3. How to change add-to-cart buttom in WC single page
Single page cart button text change code
/ To change add to cart text on single product page
add_filter( 'woocommerce_product_single_add_to_cart_text', 'woocommerce_custom_single_add_to_cart_text' );
function woocommerce_custom_single_add_to_cart_text() { return __( 'Buy Now', 'woocommerce' ); }4. How to change add-to-cart buttom in WC archives page
WC Archive page button text change
// To change add to cart text on product archives page
add_filter( 'woocommerce_product_add_to_cart_text', 'woocommerce_custom_product_add_to_cart_text' );
function woocommerce_custom_product_add_to_cart_text() { return __( 'Buy Now', 'woocommerce' );}5. Skip cart page and redirect to the checkout page after click add to cart
function add_to_cart_checkout_redirect() {
wp_safe_redirect( get_permalink( get_option( 'woocommerce_checkout_page_id' ) ) );
die();
}
add_action( 'woocommerce_add_to_cart', 'add_to_cart_checkout_redirect', 16 );In this article we will see that how we can insert data from one table to another using ‘TRIGGER’ function in SQL server.
Create two Tables
i. customers
ii. orders
Table ‘customers’ —
create table customers(
customer_id int primary key,
first_name varchar(50)
)Table ‘orders’ —
create table orders(
order_id int primary key identity,
price int,
customer_id int
)Inserting data into table customers
insert into customers values(1,’John’),
(2,’Robert’),
(3,’David’),
(4,’John’),
(5,’Betty’)Creating TRIGGER function
create trigger tri_ord
on customers
for insert
as
begin
Declare @customer_id int
select @customer_id = customer_id from inserted
insert into orders(customer_id) values(@customer_id)
print ‘Inserted successfully’
end
go
insert into customers values(10,’Amar’)Sample Output
Here we have implemented file handling where we have created a file in local drive and opened the file edited it and again saved it
We created a specific class to WriteData and ReadData into File
public class FileWrite
{
#Method to write data into file
public void WriteData()
{
FileStream fs = new FileStream("D:\\test.txt",FileMode.Append,FileAccess.Write);
StreamWriter sw = new StreamWriter(fs);
Console.WriteLine("Enter the text to write ");
String str = Console.ReadLine();
sw.WriteLine(str);
sw.Flush();
sw.Close();
fs.Close();
}
#Method to read data from file
public void ReadData()
{
FileStream fs = new FileStream("D:\\test.txt", FileMode.Open, FileAccess.Read);
StreamReader sr = new StreamReader(fs);
Console.WriteLine("Show Content");
sr.BaseStream.Seek(0, SeekOrigin.Begin);
String str = sr.ReadLine();
while(str != null)
{
Console.WriteLine(str);
str = sr.ReadLine();
}
Console.ReadLine();
sr.Close();
fs.Close();
}
}Main method to call the above two method
FileWrite fileWrite = new FileWrite();
fileWrite.WriteData();
fileWrite.ReadData();So finally we are able to read and write data in to file system and save the file into our local system.
We discus in this artical how remove woccommerce add-to-cart button in good way, you can find lots of tutorial in this topic but we cover simple ans secure way to the complete this task.
Code here:
remove_action( 'woocommerce_after_shop_loop_item', 'woocommerce_template_loop_add_to_cart' );
remove_action( 'woocommerce_single_product_summary', 'woocommerce_template_single_add_to_cart', 30 );Are you wondering how to completely or partially turn off WordPress comments?
While comments are a great way to engage your site visitors, you might not want to allow comments on your site for a number of reasons. There are a lot of ways you can disable comments, from only on specific posts, pages, or custom post types, to even completely removing comments from your entire website.
In this article, we’ll show you the step-by-step process of how to disable comments in WordPress.
Why Disable Comments in WordPress?
There are many reasons why you might want to turn off comments on specific posts or pages, or disable comments on your whole website.
For example, bloggers may publish certain posts like announcements that they don’t want to allow comments on. In these cases, you can easily disable comments on those specific posts or pages.
Here’s a quick overview of what you’ll learn in this article:
- Completely Disable Comments
- Disable Comments on Future Posts
- Disable Comments on a Specific Page or Post
- Disable Comments on Pages and Posts in Bulk
- Delete All WordPress Comments
- Disable Comments on Media
- Disable WordPress Comments Sitewide using a Plugin
- Remove “Comments are closed” in WordPress
- Spam Protection Techniques