Jump to content

WordPress:Mengamankan dengan htaccess

From Wiki

Revision as of 18:43, 23 December 2021 by Kangtain (talk | contribs) (Created page with "===Block Bad Bots=== # Block one or more IP address. # Replace IP_ADDRESS_* with the IP you want to block <Limit GET POST> order allow,deny deny from IP_ADDRESS_1 deny from IP_ADDRESS_2 allow from all </Limit> ===Disable Directory Browsing=== # Disable directory browsing Options All -Indexes ===Allow Only Selected Files from wp-content=== # Disable access to all file types except the following Order deny,allow Deny from all <Files ~ ".(xml|css|js|jpe?g|...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Block Bad Bots

# Block one or more IP address.
# Replace IP_ADDRESS_* with the IP you want to block

<Limit GET POST>
order allow,deny
deny from IP_ADDRESS_1
deny from IP_ADDRESS_2
allow from all
</Limit>

Disable Directory Browsing

# Disable directory browsing
Options All -Indexes

Allow Only Selected Files from wp-content

# Disable access to all file types except the following
Order deny,allow
Deny from all
<Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$">
Allow from all
</Files>

Restrict All Access to wp-includes

# Block wp-includes folder and files
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

Allow only Selected IP Addresses to Access wp-admin

# Limit logins and admin by IP
<Limit GET POST PUT>
order deny,allow
deny from all
allow from 302.143.54.102
allow from IP_ADDRESS_2
</Limit>

Protect wp-config.php and .htaccess from everyone

Retrieved from "https://kangtain.com/wiki/index.php?title=WordPress:Mengamankan_dengan_htaccess&oldid=2140"