⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.30
Server IP:
92.222.139.190
Server:
Linux webd002.cluster128.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
PHP Version:
8.2.29
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
mspfmsm
/
stratinova
/
Viewing : .htaccess
# ===================================== # BASIC SECURITY HARDENING # ===================================== # Protect wp-config <Files wp-config.php> Require all denied </Files> # Protect .htaccess <Files .htaccess> Require all denied </Files> # Disable directory browsing Options -Indexes # Block access to sensitive files <FilesMatch "(^\.|wp-config\.php|composer\.(json|lock)|package\.json|readme\.html|license\.txt|xmlrpc\.php)"> Require all denied </FilesMatch> # ===================================== # DISABLE PHP EXECUTION IN UPLOADS & INCLUDES # ===================================== # This is crucial to stop the "Chinese Shop" malware <IfModule mod_rewrite.c> RewriteEngine On # Block PHP execution in uploads (user files) RewriteRule ^wp-content/uploads/.*\.php$ - [F,L] # Block PHP execution in wp-includes (except necessary files) RewriteRule ^wp-includes/(?!css|js|images)/.*\.php$ - [F,L] # Block access to xmlrpc.php (used for brute force attacks) RewriteRule ^xmlrpc\.php$ - [F,L] </IfModule> # ===================================== # BLOCK COMMON EXPLOITS # ===================================== <IfModule mod_rewrite.c> RewriteEngine On # Block base64 injections RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR] # Block script injections RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] # Block GLOBALS & _REQUEST RewriteCond %{QUERY_STRING} GLOBALS(=|\[) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[) RewriteRule .* - [F,L] </IfModule> # ===================================== # WORDPRESS CORE RULES # ===================================== <IfModule mod_rewrite.c> RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # ===================================== # BROWSER CACHING (Performance) # ===================================== <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/pdf "access plus 1 month" ExpiresByType text/javascript "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType application/x-javascript "access plus 1 month" ExpiresByType image/x-icon "access plus 1 year" </IfModule> # BEGIN WordPress # Les directives (lignes) entre « BEGIN WordPress » et « END WordPress » sont générées # dynamiquement, et doivent être modifiées uniquement via les filtres WordPress. # Toute modification des directives situées entre ces marqueurs sera surchargée. <IfModule mod_rewrite.c> RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress # Wordfence WAF <Files ".user.ini"> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule !mod_authz_core.c> Order deny,allow Deny from all </IfModule> </Files> # END Wordfence WAF