WordPress:Mengamankan dengan htaccess: Difference between revisions
Created page with "===Block Bad Bots=== # Block one or more IP address. # Replace IP_ADDRESS_* with the IP you want to block <Limit GET POST> order allow,deny deny from IP_ADDRESS_1 deny from IP_ADDRESS_2 allow from all </Limit> ===Disable Directory Browsing=== # Disable directory browsing Options All -Indexes ===Allow Only Selected Files from wp-content=== # Disable access to all file types except the following Order deny,allow Deny from all <Files ~ ".(xml|css|js|jpe?g|..." |
|||
| Line 44: | Line 44: | ||
===Protect wp-config.php and .htaccess from everyone=== | ===Protect wp-config.php and .htaccess from everyone=== | ||
# Deny access to wp-config.php file | |||
<files wp-config.php> | |||
order allow,deny | |||
deny from all | |||
</files> | |||
===Deny Image Hotlinking=== | |||
# Prevent image hotlinking script. Replace last URL with any image link you want. | |||
RewriteEngine on | |||
RewriteCond %{HTTP_REFERER} !^$ | |||
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite.com [NC] | |||
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourotherwebsite.com [NC] | |||
RewriteRule \.(jpg|jpeg|png|gif)$ http://i.imgur.com/MlQAH71.jpg [NC,R,L] | |||
===Enable Browser Caching=== | |||
# Setup browser caching | |||
<IfModule mod_expires.c> | |||
ExpiresActive On | |||
ExpiresByType image/jpg "access 1 year" | |||
ExpiresByType image/jpeg "access 1 year" | |||
ExpiresByType image/gif "access 1 year" | |||
ExpiresByType image/png "access 1 year" | |||
ExpiresByType text/css "access 1 month" | |||
ExpiresByType application/pdf "access 1 month" | |||
ExpiresByType text/x-javascript "access 1 month" | |||
ExpiresByType application/x-shockwave-flash "access 1 month" | |||
ExpiresByType image/x-icon "access 1 year" | |||
ExpiresDefault "access 2 days" | |||
</IfModule> | |||
==Source== | |||
*[https://www.wpexplorer.com/htaccess-wordpress-security/ .wpexplorer.com] | |||
[[Category:Security]] | |||
[[Category:CMS]] | |||