WordPress:Mengamankan dengan htaccess: Difference between revisions
Created page with "===Block Bad Bots=== # Block one or more IP address. # Replace IP_ADDRESS_* with the IP you want to block <Limit GET POST> order allow,deny deny from IP_ADDRESS_1 deny from IP_ADDRESS_2 allow from all </Limit> ===Disable Directory Browsing=== # Disable directory browsing Options All -Indexes ===Allow Only Selected Files from wp-content=== # Disable access to all file types except the following Order deny,allow Deny from all <Files ~ ".(xml|css|js|jpe?g|..." |
No edit summary |
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
===Block Bad Bots=== | ===Block Bad Bots=== | ||
<syntaxhighlight lang="apacheconf"> | |||
# Block one or more IP address. | |||
# Replace IP_ADDRESS_* with the IP you want to block | |||
<Limit GET POST> | |||
order allow,deny | |||
deny from IP_ADDRESS_1 | |||
deny from IP_ADDRESS_2 | |||
allow from all | |||
</Limit> | |||
</syntaxhighlight> | |||
===Disable Directory Browsing=== | ===Disable Directory Browsing=== | ||
<syntaxhighlight lang="apacheconf"> | |||
# Disable directory browsing | |||
Options All -Indexes | |||
</syntaxhighlight> | |||
===Allow Only Selected Files from wp-content=== | ===Allow Only Selected Files from wp-content=== | ||
<syntaxhighlight lang="apache"> | |||
# Disable access to all file types except the following | |||
Order deny,allow | |||
Deny from all | |||
<Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$"> | |||
Allow from all | |||
</Files> | |||
</syntaxhighlight> | |||
===Restrict All Access to wp-includes=== | ===Restrict All Access to wp-includes=== | ||
<syntaxhighlight lang="apache"> | |||
# Block wp-includes folder and files | |||
<IfModule mod_rewrite.c> | |||
RewriteEngine On | |||
RewriteBase / | |||
RewriteRule ^wp-admin/includes/ - [F,L] | |||
RewriteRule !^wp-includes/ - [S=3] | |||
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] | |||
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] | |||
RewriteRule ^wp-includes/theme-compat/ - [F,L] | |||
</IfModule> | |||
</syntaxhighlight> | |||
===Allow only Selected IP Addresses to Access wp-admin=== | ===Allow only Selected IP Addresses to Access wp-admin=== | ||
<syntaxhighlight lang="apacheconf"> | |||
# Limit logins and admin by IP | |||
<Limit GET POST PUT> | |||
order deny,allow | |||
deny from all | |||
allow from 302.143.54.102 | |||
allow from IP_ADDRESS_2 | |||
</Limit> | |||
</syntaxhighlight> | |||
===Protect wp-config.php and .htaccess from everyone=== | ===Protect wp-config.php and .htaccess from everyone=== | ||
<syntaxhighlight lang="apacheconf"> | |||
# Deny access to wp-config.php file | |||
<files wp-config.php> | |||
order allow,deny | |||
deny from all | |||
</files> | |||
</syntaxhighlight> | |||
===Deny Image Hotlinking=== | |||
<syntaxhighlight lang="apache"> | |||
# Prevent image hotlinking script. Replace last URL with any image link you want. | |||
RewriteEngine on | |||
RewriteCond %{HTTP_REFERER} !^$ | |||
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite.com [NC] | |||
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourotherwebsite.com [NC] | |||
RewriteRule \.(jpg|jpeg|png|gif)$ http://i.imgur.com/MlQAH71.jpg [NC,R,L] | |||
</syntaxhighlight> | |||
===Enable Browser Caching=== | |||
<syntaxhighlight lang="apacheconf"> | |||
# Setup browser caching | |||
<IfModule mod_expires.c> | |||
ExpiresActive On | |||
ExpiresByType image/jpg "access 1 year" | |||
ExpiresByType image/jpeg "access 1 year" | |||
ExpiresByType image/gif "access 1 year" | |||
ExpiresByType image/png "access 1 year" | |||
ExpiresByType text/css "access 1 month" | |||
ExpiresByType application/pdf "access 1 month" | |||
ExpiresByType text/x-javascript "access 1 month" | |||
ExpiresByType application/x-shockwave-flash "access 1 month" | |||
ExpiresByType image/x-icon "access 1 year" | |||
ExpiresDefault "access 2 days" | |||
</IfModule> | |||
</syntaxhighlight> | |||
== Source == | |||
*[https://www.wpexplorer.com/htaccess-wordpress-security/ wpexplorer.com] | |||
[[Category:Security]] | |||
[[Category:CMS]] | |||
[[Category:WordPress]] | |||
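Review bot: The wp-admin allow-list uses `allow from 302.143.54.102`, which is not a valid IPv4 address (the first octet exceeds 255), so the line is either rejected at config parse time or does not match what the author intended; it should use the placeholder the page already uses elsewhere, `allow from IP_ADDRESS_1`. That section and the Block Bad Bots section both wrap their access control in `<Limit GET POST ...>`, which applies the rule only to the listed methods and leaves every other request method uncovered; the Apache documentation advises against placing access control inside `<Limit>`, so the wrapper should be dropped. In the wp-content allow-list, `<Files ~ ".(xml|css|js|...)$">` leaves the dot unescaped so it matches any character before the extension, and the `<Files ~>` form is deprecated; `<FilesMatch "\.(xml|css|js|...)$">` is the intended check. All of the Order/Allow/Deny directives are Apache 2.2 syntax that on 2.4 only work with mod_access_compat loaded; a one-line note to that effect at the top of the page would save readers a silent failure.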
Latest revision as of 14:32, 25 August 2022
Block Bad Bots
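# Block one or more IP addresses.
# Replace IP_ADDRESS_* with the IP (or CIDR range) you want to block.
# Deliberately not wrapped in <Limit GET POST>: access control placed inside
# <Limit> applies only to the listed methods, so the deny would not cover any
# other request method. The Apache docs advise keeping access control outside
# <Limit> for exactly this reason.
# Order/Deny/Allow is Apache 2.2 syntax; on 2.4 it requires mod_access_compat,
# otherwise use "Require not ip IP_ADDRESS_1" inside a <RequireAll> block.
order allow,deny
deny from IP_ADDRESS_1
deny from IP_ADDRESS_2
allow from all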
Disable Directory Browsing
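# Disable directory browsing (auto-generated listings for directories that
# have no index file).
# Only the Indexes option is removed. The original "Options All -Indexes"
# mixed a bare option with a +/- option, which Apache rejects ("Either all
# Options must start with + or -, or no Option may"), and "All" would also
# have enabled ExecCGI, Includes and FollowSymLinks, far more than this
# snippet needs.
Options -Indexes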
Allow Only Selected Files from wp-content
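# Disable access to all file types in this directory except the following.
# Intended for wp-content/.htaccess. Note that .php is not on the allow-list,
# so PHP files under wp-content are refused; plugins or themes that expose a
# PHP endpoint directly may need an explicit exception.
Order deny,allow
Deny from all
# FilesMatch replaces the deprecated "<Files ~ ...>" form, and the dot before
# the extension group is escaped so it matches a literal "." rather than any
# character. Extend the list as the site requires.
<FilesMatch "\.(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$">
    Allow from all
</FilesMatch>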
Restrict All Access to wp-includes
# Block direct requests to the wp-includes folder and files. Intended for the
# site-root .htaccess; the whole block is skipped if mod_rewrite is missing.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Forbid direct requests to the admin include files (403).
RewriteRule ^wp-admin/includes/ - [F,L]
# Skip the next three rules unless the request path is under wp-includes/.
RewriteRule !^wp-includes/ - [S=3]
# Forbid direct requests to any PHP file directly under wp-includes/.
# NOTE(review): multisite installs reportedly need this line removed because
# ms-files.php is served from here — confirm before applying on multisite.
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
# Forbid direct requests to the TinyMCE language PHP files.
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
# Forbid direct requests to the legacy theme-compat templates.
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
Allow only Selected IP Addresses to Access wp-admin
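# Limit logins and admin by IP. Intended for wp-admin/.htaccess.
# Replace IP_ADDRESS_* with the addresses (or CIDR ranges) allowed in.
# Deliberately not wrapped in <Limit GET POST PUT>: access control inside
# <Limit> covers only the listed methods, so any other request method would
# bypass the allow-list.
# The original "allow from 302.143.54.102" was not a valid IPv4 address
# (octets run 0-255); it is replaced by a placeholder.
# Note: wp-admin/admin-ajax.php may also be requested by front-end visitors,
# so an exception for that file may be needed.
order deny,allow
deny from all
allow from IP_ADDRESS_1
allow from IP_ADDRESS_2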
Protect wp-config.php and .htaccess from everyone
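# Deny all access to the wp-config.php file (holds the database credentials)
# and, as the section title promises, to the .htaccess/.htpasswd files
# themselves so their rules cannot be read over HTTP.
<Files wp-config.php>
order allow,deny
deny from all
</Files>
# Any file whose name starts with ".ht" (.htaccess, .htpasswd, ...).
<FilesMatch "^\.ht">
order allow,deny
deny from all
</FilesMatch>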
Deny Image Hotlinking
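# Prevent image hotlinking. Replace yourwebsite.com / yourotherwebsite.com with
# your own host names and the last URL with the image to serve instead.
# Wrapped in <IfModule> for consistency with the wp-includes rules, so the
# site still loads when mod_rewrite is absent.
<IfModule mod_rewrite.c>
RewriteEngine on
# Let requests with an empty Referer through (direct visits, privacy settings,
# some proxies).
RewriteCond %{HTTP_REFERER} !^$
# The dots are escaped and each host name is terminated by "/", ":" or end of
# string, so a referer host that merely begins with yourwebsite.com does not
# count as your own site.
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite\.com([/:]|$) [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourotherwebsite\.com([/:]|$) [NC]
# Redirect image requests from any other referer to the replacement image.
# The replacement must be hosted elsewhere (or excluded from this rule),
# otherwise the redirect itself would be caught by the same check.
RewriteRule \.(jpg|jpeg|png|gif)$ http://i.imgur.com/MlQAH71.jpg [NC,R,L]
</IfModule>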
Enable Browser Caching
# Setup browser caching: tell clients how long they may reuse static assets
# (mod_expires emits Expires and Cache-Control: max-age headers). The
# "access N" strings are the "access plus N" form with the optional "plus"
# omitted. Skipped entirely if mod_expires is not loaded.
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType application/pdf "access 1 month"
# NOTE(review): text/x-javascript is not the type Apache normally assigns to
# .js files (usually application/javascript or text/javascript) — confirm
# against this server's mime.types, otherwise this line has no effect.
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
# Applies to every type not listed above, including text/html.
# NOTE(review): confirm this does not let browsers serve dynamic WordPress
# pages (e.g. logged-in views) stale for two days; mod_expires does not
# override cache headers the application sets itself, but verify on this site.
ExpiresDefault "access 2 days"
</IfModule>