# BEGIN Solid Security - Do not modify or remove this line # Solid Security Config Details: 2 # Ban Hosts - Security > Settings > Banned Users SetEnvIF REMOTE_ADDR "^209\.141\.32\.211$" DenyAccess SetEnvIF X-FORWARDED-FOR "^209\.141\.32\.211$" DenyAccess SetEnvIF X-CLUSTER-CLIENT-IP "^209\.141\.32\.211$" DenyAccess SetEnvIF REMOTE_ADDR "^159\.192\.136\.230$" DenyAccess SetEnvIF X-FORWARDED-FOR "^159\.192\.136\.230$" DenyAccess SetEnvIF X-CLUSTER-CLIENT-IP "^159\.192\.136\.230$" DenyAccess Order allow,deny Allow from all Deny from env=DenyAccess Deny from 209.141.32.211 Deny from 159.192.136.230 # Protect System Files - Security > Settings > System Tweaks > System Files Order allow,deny Deny from all Order allow,deny Deny from all Order allow,deny Deny from all Order allow,deny Deny from all # Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing Options -Indexes RewriteEngine On # Protect System Files - Security > Settings > System Tweaks > System Files RewriteRule ^wp-admin/install\.php$ - [F] RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] RewriteRule (^|.*/)\.(git|svn) - [F] # Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F] # END Solid Security - Do not modify or remove this line ### AutoSSL-Satellite Don't Edit Below This Line ### RewriteEngine On # Force HTTPS RewriteCond %{HTTPS} off RewriteCond %{HTTP:X-Forwarded-SSL} !on RewriteRule ^(.*)$ "https://%{HTTP_HOST}%{REQUEST_URI}" [R=301,L] ### AutoSSL-Satellite Don't Edit Above This Line ### # BEGIN LSCACHE # END LSCACHE # BEGIN NON_LSCACHE # END NON_LSCACHE # BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress # BEGIN Security Block # Block the include-only files. RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] # Disable directory listing Options All -Indexes # Remove header with PHP version Header always unset X-Powered-By Header unset X-Powered-By # END Security Block # BEGIN LiteSpeed # The directives (lines) between "BEGIN LiteSpeed" and "END LiteSpeed" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. SetEnv noabort 1 # END LiteSpeed