ldsfkmskdqsdqs xdqsldkqsmdkqsdqs qskdjqlsdjzmalkdjqsd ldsfkmskdqsdqs xdqsldkqsmdkqsdqs qskdjqlsdjzmalkdjqsd # BEGIN Solid Security - Do not modify or remove this line # Solid Security Config Details: 2 # Ban Hosts - Security > Settings > Banned Users SetEnvIF REMOTE_ADDR "^194\.26\.192\.169$" DenyAccess SetEnvIF X-FORWARDED-FOR "^194\.26\.192\.169$" DenyAccess SetEnvIF X-CLUSTER-CLIENT-IP "^194\.26\.192\.169$" DenyAccess Require all granted Require not env DenyAccess Require not ip 194.26.192.169 Order allow,deny Allow from all Deny from env=DenyAccess Deny from 194.26.192.169 # Protect System Files - Security > Settings > System Tweaks > System Files Require all denied Order allow,deny Deny from all Require all denied Order allow,deny Deny from all Require all denied Order allow,deny Deny from all Require all denied Order allow,deny Deny from all # Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing Options -Indexes RewriteEngine On # Protect System Files - Security > Settings > System Tweaks > System Files RewriteRule ^wp-admin/install\.php$ - [F] RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] RewriteRule (^|.*/)\.(git|svn) - [F] # Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # END Solid Security - Do not modify or remove this line # SOFTACULOUS Block author scans RewriteEngine On RewriteBase / RewriteCond %{QUERY_STRING} (author=\d+) [NC,OR] RewriteCond %{REQUEST_URI} ^.*wp-json/wp/v2/users(?!/me) [NC] RewriteRule .* - [F,L] # SOFTACULOUS Block author scans End # BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress # SOFTACULOUS Block xmlrpc Require all denied # SOFTACULOUS Block xmlrpc End # SOFTACULOUS Block .htaccess and .htpasswd Require all denied # SOFTACULOUS Block .htaccess and .htpasswd End # SOFTACULOUS Block directory browsing Options -Indexes # SOFTACULOUS Block directory browsing End # SOFTACULOUS Block access sensitive files Require all denied # SOFTACULOUS Block access sensitive files End # SOFTACULOUS Enable bot protection RewriteEngine on RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC] RewriteRule ^(.*)$ http://no.access/ # SOFTACULOUS Enable bot protection End # php -- BEGIN cPanel-generated handler, do not edit # Set the “ea-php82” package as the default “PHP” programming language. AddHandler application/x-httpd-ea-php82___lsphp .php .php8 .phtml # php -- END cPanel-generated handler, do not edit