For more Private Tools DM:
https://t.me/Professor6T9x
/
home
/
mspfmsm
/
aimadaf
/
Upload File
HOME
# ===================================== # BASIC SECURITY HARDENING # ===================================== # Protect wp-config <Files wp-config.php> Require all denied </Files> # Protect .htaccess <Files .htaccess> Require all denied </Files> # Disable directory browsing Options -Indexes # Block access to sensitive files <FilesMatch "(^\.|wp-config\.php|composer\.(json|lock)|package\.json|readme\.html|license\.txt)"> Require all denied </FilesMatch> # ===================================== # BLOCK COMMON EXPLOITS # ===================================== <IfModule mod_rewrite.c> RewriteEngine On # Block base64 injections RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR] # Block script injections RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] # Block GLOBALS & _REQUEST RewriteCond %{QUERY_STRING} GLOBALS(=|\[) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[) RewriteRule .* - [F,L] </IfModule> # ===================================== # BLOCK PHP EXECUTION IN UPLOADS # ===================================== <IfModule mod_rewrite.c> RewriteRule ^wp-content/uploads/.*\.php$ - [F,L] </IfModule> # ===================================== # WORDPRESS CORE RULES # ===================================== <IfModule mod_rewrite.c> RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>