# BEGIN All In One WP Security #AIOWPS_BASIC_HTACCESS_RULES_START Require all denied Order deny,allow Deny from all ServerSignature Off LimitRequestBody 10240000 Require all denied Order deny,allow Deny from all #AIOWPS_BASIC_HTACCESS_RULES_END #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_START Require all denied Order deny,allow Deny from all #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_END #AIOWPS_DISABLE_INDEX_VIEWS_START Options -Indexes #AIOWPS_DISABLE_INDEX_VIEWS_END #AIOWPS_DISABLE_TRACE_TRACK_START RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #AIOWPS_DISABLE_TRACE_TRACK_END #AIOWPS_FORBID_PROXY_COMMENTS_START RewriteEngine On RewriteCond %{REQUEST_METHOD} ^POST RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule wp-comments-post\.php - [F] #AIOWPS_FORBID_PROXY_COMMENTS_END #AIOWPS_DENY_BAD_QUERY_STRINGS_START RewriteEngine On RewriteCond %{QUERY_STRING} ftp: [NC,OR] RewriteCond %{QUERY_STRING} http: [NC,OR] RewriteCond %{QUERY_STRING} https: [NC,OR] RewriteCond %{QUERY_STRING} mosConfig [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(request|insert|union|declare|drop) [NC] RewriteRule ^(.*)$ - [F,L] #AIOWPS_DENY_BAD_QUERY_STRINGS_END #AIOWPS_ADVANCED_CHAR_STRING_FILTER_START RedirectMatch 403 \, RedirectMatch 403 \: RedirectMatch 403 \; RedirectMatch 403 \= RedirectMatch 403 \[ RedirectMatch 403 \] RedirectMatch 403 \^ RedirectMatch 403 \` RedirectMatch 403 \{ RedirectMatch 403 \} RedirectMatch 403 \~ RedirectMatch 403 \" RedirectMatch 403 \$ RedirectMatch 403 \< RedirectMatch 403 \> RedirectMatch 403 \| RedirectMatch 403 \.\. RedirectMatch 403 \%0 RedirectMatch 403 \%A RedirectMatch 403 \%B RedirectMatch 403 \%C RedirectMatch 403 \%D RedirectMatch 403 \%E RedirectMatch 403 \%F RedirectMatch 403 \%22 RedirectMatch 403 \%27 RedirectMatch 403 \%28 RedirectMatch 403 \%29 RedirectMatch 403 \%3C RedirectMatch 403 \%3E RedirectMatch 403 \%3F RedirectMatch 403 \%5B RedirectMatch 403 \%5C RedirectMatch 403 \%5D RedirectMatch 403 \%7B RedirectMatch 403 \%7C RedirectMatch 403 \%7D # COMMON PATTERNS Redirectmatch 403 \_vpi RedirectMatch 403 \.inc Redirectmatch 403 xAou6 Redirectmatch 403 db\_name Redirectmatch 403 select\( Redirectmatch 403 convert\( Redirectmatch 403 \/query\/ RedirectMatch 403 ImpEvData Redirectmatch 403 \.XMLHTTP Redirectmatch 403 proxydeny RedirectMatch 403 function\. Redirectmatch 403 remoteFile Redirectmatch 403 servername Redirectmatch 403 \&rptmode\= Redirectmatch 403 sys\_cpanel RedirectMatch 403 db\_connect RedirectMatch 403 doeditconfig RedirectMatch 403 check\_proxy Redirectmatch 403 system\_user Redirectmatch 403 \/\(null\)\/ Redirectmatch 403 clientrequest Redirectmatch 403 option\_value RedirectMatch 403 ref\.outcontrol # SPECIFIC EXPLOITS RedirectMatch 403 errors\. RedirectMatch 403 config\. RedirectMatch 403 include\. RedirectMatch 403 display\. RedirectMatch 403 register\. Redirectmatch 403 password\. RedirectMatch 403 maincore\. RedirectMatch 403 authorize\. Redirectmatch 403 macromates\. RedirectMatch 403 head\_auth\. RedirectMatch 403 submit\_links\. RedirectMatch 403 change\_action\. Redirectmatch 403 com\_facileforms\/ RedirectMatch 403 admin\_db\_utilities\. RedirectMatch 403 admin\.webring\.docs\. Redirectmatch 403 Table\/Latest\/index\. #AIOWPS_ADVANCED_CHAR_STRING_FILTER_END #AIOWPS_SIX_G_BLACKLIST_START # 6G FIREWALL/BLACKLIST # @ https://perishablepress.com/6g/ # 6G:[QUERY STRINGS] RewriteEngine On RewriteCond %{QUERY_STRING} (eval\() [NC,OR] RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR] RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR] RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR] RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR] RewriteCond %{QUERY_STRING} (\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR] RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR] RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR] RewriteCond %{QUERY_STRING} ('|\")(.*)(drop|insert|md5|select|union) [NC] RewriteRule .* - [F] # 6G:[REQUEST METHOD] RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|put|trace|track) [NC] RewriteRule .* - [F] # 6G:[REFERRERS] RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000,}) [NC,OR] RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC] RewriteRule .* - [F] # 6G:[REQUEST STRINGS] RedirectMatch 403 (?i)([a-z0-9]{2000,}) RedirectMatch 403 (?i)(https?|ftp|php):/ RedirectMatch 403 (?i)(base64_encode)(.*)(\() RedirectMatch 403 (?i)(=\'|=\%27|/\'/?)\. RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&?)/?$ RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\"\\") RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\|\s|\{|\}|\[|\]|\|) RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack) RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ) RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$ RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php # 6G:[USER AGENTS] SetEnvIfNoCase User-Agent ([a-z0-9]{2000,}) bad_bot SetEnvIfNoCase User-Agent (archive.org|binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|heritrix|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot # Apache < 2.3 Order Allow,Deny Allow from all Deny from env=bad_bot #AIOWPS_IP_BLACKLIST_2_3_START Deny from 118.24.22.152 Deny from 46.119.112.226 #AIOWPS_IP_BLACKLIST_2_3_END # Apache >= 2.3 Require all Granted Require not env bad_bot #AIOWPS_IP_BLACKLIST_2_4_START Require not ip 118.24.22.152 Require not ip 46.119.112.226 #AIOWPS_IP_BLACKLIST_2_4_END #AIOWPS_SIX_G_BLACKLIST_END #AIOWPS_FIVE_G_BLACKLIST_START # 5G BLACKLIST/FIREWALL (2013) # @ http://perishablepress.com/5g-blacklist-2013/ # 5G:[QUERY STRINGS] RewriteEngine On RewriteBase / RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR] RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR] RewriteCond %{QUERY_STRING} (\\|\.\./|`|='$|=%27$) [NC,OR] RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR] RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR] RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR] RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC] RewriteRule .* - [F] # 5G:[USER AGENTS] # SetEnvIfNoCase User-Agent ^$ keep_out SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out Order Allow,Deny Allow from all Deny from env=keep_out # 5G:[REQUEST STRINGS] RedirectMatch 403 (https?|ftp|php)\:// RedirectMatch 403 /(https?|ima|ucp)/ RedirectMatch 403 /(Permanent|Better)$ RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$ RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\") RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$ RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$ RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_) RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml) RedirectMatch 403 \.well\-known/host\-meta RedirectMatch 403 /function\.array\-rand RedirectMatch 403 \)\;\$\(this\)\.html\( RedirectMatch 403 proc/self/environ RedirectMatch 403 msnbot\.htm\)\.\_ RedirectMatch 403 /ref\.outcontrol RedirectMatch 403 com\_cropimage RedirectMatch 403 indonesia\.htm RedirectMatch 403 \{\$itemURL\} RedirectMatch 403 function\(\) RedirectMatch 403 labels\.rdf RedirectMatch 403 /playing.php RedirectMatch 403 muieblackcat # 5G:[REQUEST METHOD] RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #AIOWPS_FIVE_G_BLACKLIST_END #AIOWPS_BLOCK_SPAMBOTS_START RewriteEngine On RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$ RewriteCond %{HTTP_REFERER} !^http(s)?://kolesa-roliki\.kiev\.ua [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule .* http://127.0.0.1 [L] #AIOWPS_BLOCK_SPAMBOTS_END #AIOWPS_PREVENT_IMAGE_HOTLINKS_START RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{REQUEST_FILENAME} -f RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://kolesa-roliki\.kiev\.ua [NC] RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L] #AIOWPS_PREVENT_IMAGE_HOTLINKS_END # END All In One WP Security # BEGIN WpFastestCache RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} ^www.kolesa-roliki.kiev.ua [NC] RewriteRule ^(.*)$ http\:\/\/kolesa\-roliki\.kiev\.ua\/$1 [R=301,L] # Start WPFC Exclude # End WPFC Exclude # Start_WPFC_Exclude_Admin_Cookie RewriteCond %{HTTP:Cookie} !wordpress_logged_in_[^\=]+\=Boss # End_WPFC_Exclude_Admin_Cookie RewriteCond %{HTTP_HOST} ^kolesa-roliki.kiev.ua RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WhatsApp|Mediatoolkitbot) RewriteCond %{REQUEST_METHOD} !POST RewriteCond %{HTTPS} !=on RewriteCond %{REQUEST_URI} !(\/){2}$ RewriteCond %{REQUEST_URI} \/$ RewriteCond %{QUERY_STRING} !.+ RewriteCond %{HTTP:Cookie} !comment_author_ RewriteCond %{HTTP:Cookie} !wp_woocommerce_session RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC] RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/all/$1/index.html -f [or] RewriteCond /home/svetit/kolesa-roliki.kiev.ua/www/wp-content/cache/all/$1/index.html -f RewriteRule ^(.*) "/wp-content/cache/all/$1/index.html" [L] AddDefaultCharset UTF-8 FileETag None Header unset ETag Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT" # END WpFastestCache # BEGIN GzipWpFastestCache AddType x-font/woff .woff AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf # END GzipWpFastestCache # BEGIN LBCWpFastestCache AddType application/font-woff2 .woff2 ExpiresActive On ExpiresDefault A0 ExpiresByType image/webp A2592000 ExpiresByType image/gif A2592000 ExpiresByType image/png A2592000 ExpiresByType image/jpg A2592000 ExpiresByType image/jpeg A2592000 ExpiresByType image/ico A2592000 ExpiresByType image/svg+xml A2592000 ExpiresByType text/css A2592000 ExpiresByType text/javascript A2592000 ExpiresByType application/javascript A2592000 ExpiresByType application/x-javascript A2592000 ExpiresByType application/font-woff2 A2592000 Header set Expires "max-age=2592000, public" Header unset ETag Header set Connection keep-alive FileETag None # END LBCWpFastestCache # BULLETPROOF 2.5 SECURE .HTACCESS # PHP/PHP.INI HANDLER/CACHE CODE # Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently. # Most Hosts do not have/use/require php/php.ini Handler htaccess code # TURN OFF YOUR SERVER SIGNATURE # Suppresses the footer line server version number and ServerName of the serving virtual host ServerSignature Off # DO NOT SHOW DIRECTORY LISTING # Disallow mod_autoindex from displaying a directory listing # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out Options -Indexes # by adding a # sign in front of it. # Example: #Options -Indexes Options -Indexes # DIRECTORY INDEX FORCE INDEX.PHP # Use index.php as default directory index file. index.html will be ignored. # If a 500 Internal Server Error occurs when activating Root BulletProof Mode # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code # and paste it into BPS Custom Code and comment out DirectoryIndex # by adding a # sign in front of it. # Example: #DirectoryIndex index.php index.html /index.php DirectoryIndex index.php index.html /index.php # BRUTE FORCE LOGIN PAGE PROTECTION # PLACEHOLDER ONLY # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently. # See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/ # for more information. # BPS ERROR LOGGING AND TRACKING # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # BPS has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors # that occur on your website. When a hacker attempts to hack your website the hackers IP address, # Host name, Request Method, Referering link, the file name or requested resource, the user agent # of the hacker and the query string used in the hack attempt are logged. # All BPS log files are htaccess protected so that only you can view them. # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/ # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors # after you install BPS and have activated BulletProof Mode for your Root folder. # If you would like to log 404 errors you will need to copy the logging code in the BPS 404.php file # to your Theme's 404.php template file. Simple instructions are included in the BPS 404.php file. # You can open the BPS 404.php file using the WP Plugins Editor or manually editing the file. # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file. ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php ErrorDocument 401 default ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php ErrorDocument 404 /404.php ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$ # WP-ADMIN/INCLUDES # Use BPS Custom Code to remove this code permanently. RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] # WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # REQUEST METHODS FILTERED # If you want to allow HEAD Requests use BPS Custom Code and copy # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code # text box: CUSTOM CODE REQUEST METHODS FILTERED. # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F] RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L] # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES # To add plugin/theme skip/bypass rules use BPS Custom Code. # The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules. # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9... # If you delete a skip rule, change the other skip rule numbers accordingly. # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc. # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13] # Adminer MySQL management tool data populate RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC] RewriteRule . - [S=12] # Comment Spam Pack MU Plugin - CAPTCHA images not displaying RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC] RewriteRule . - [S=11] # Peters Custom Anti-Spam display CAPTCHA Image RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] RewriteRule . - [S=10] # Status Updater plugin fb connect RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] RewriteRule . - [S=9] # Stream Video Player - Adding FLV Videos Blocked RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC] RewriteRule . - [S=8] # XCloner 404 or 403 error when updating settings RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC] RewriteRule . - [S=7] # BuddyPress Logout Redirect RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC] RewriteRule . - [S=6] # redirect_to= RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC] RewriteRule . - [S=5] # Login Plugins Password Reset And Redirect 1 RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC] RewriteRule . - [S=4] # Login Plugins Password Reset And Redirect 2 RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC] RewriteRule . - [S=3] # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Remote File Inclusion (RFI) security rules # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F] # # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php) RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).* RewriteCond %{HTTP_REFERER} ^.*kolesa-roliki.kiev.ua.* RewriteRule . - [S=1] # BEGIN BPSQSE BPS QUERY STRING EXPLOITS # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too. # Good sites such as W3C use it for their W3C-LinkChecker. # Use BPS Custom Code to add or remove user agents temporarily or permanently from the # User Agent filters directly below or to modify/edit/change any of the other security code rules below. RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR] RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)(http|https)(:/|/) [NC,OR] RewriteCond %{THE_REQUEST} etc/passwd [NC,OR] RewriteCond %{THE_REQUEST} cgi-bin [NC,OR] RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR] RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR] RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR] RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(http|https):// [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR] RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR] RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} (http|https)\: [NC,OR] RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)cPath=(http|https)://(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR] RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR] RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR] RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR] RewriteCond %{QUERY_STRING} (sp_executesql) [NC] RewriteRule ^(.*)$ - [F] # END BPSQSE BPS QUERY STRING EXPLOITS RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # WP REWRITE LOOP END # DENY BROWSER ACCESS TO THESE FILES # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html # To be able to view these files from a Browser, replace 127.0.0.1 with your actual # current IP address. Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1 # Note: The BPS System Info page displays which modules are loaded on your server. Order Allow,Deny Deny from all #Allow from 127.0.0.1 # HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE # PLACEHOLDER ONLY # Use BPS Custom Code to add custom code and save it permanently here. # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] Redirect 301 /index.html http://kolesa-roliki.kiev.ua/kolesa-dlja-telezhek/ # END WordPress