aobasar · February 6, 2022 09:35
diff --git a/htaccess samples b/htaccess samples

 #Deny access to .htaccess file
 <FilesMatch "(\.htaccess)">
 	Order deny,allow
    Deny from all
 </FilesMatch>

 #Prevent Hotlinking
 RewriteEngine on
 RewriteCond %{HTTP_REFERER} !^$
 RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite.com [NC]
 RewriteRule \.(jpg|jpeg|png|gif)$ http://i.imgur.com/g7ptdBB.png [NC,R,L]


 #Use Browser Caching
 <IfModule mod_expires.c>
 ExpiresActive On
 ExpiresByType image/jpg "access 1 year"
 ExpiresByType image/jpeg "access 1 year"
 ExpiresByType image/gif "access 1 year"
 ExpiresByType image/png "access 1 year"
 ExpiresByType text/css "access 1 month"
 ExpiresByType text/html "access 1 month"
 ExpiresByType application/pdf "access 1 month"
 ExpiresByType text/x-javascript "access 1 month"
 ExpiresByType application/x-shockwave-flash "access 1 month"
 ExpiresByType image/x-icon "access 1 year"
 ExpiresDefault "access 1 month"
 </IfModule>


 #Do Not Allow from IP Addresses
 <Limit GET POST>
 order allow,deny
 deny from 123.456.78.9
 deny from 987.654.32.1
 allow from all
 </Limit>


 #Block the include-only files.
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteRule ^wp-admin/includes/ - [F,L]
 RewriteRule !^wp-includes/ - [S=3]
 RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
 RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
 RewriteRule ^wp-includes/theme-compat/ - [F,L]
 </IfModule>


 #Disable XML-RPC
 <Files xmlrpc.php>
  Order Deny,Allow
  Deny from all
 </Files>


 #Block Files that nobody should have access to outside of WordPress

 #Block important files from outside access
 <files install.php>
 Order allow,deny
 Deny from all
 </files>

 <files wp-config.php>
 Order allow,deny
 Deny from all
 </files>

 # PROTECT readme.html
 <files readme.html>
 Order Allow,Deny
 Deny from all
 Satisfy all
 </Files>

 # PROTECT readme.html
 <Files readme.html>
 Order Allow,Deny
 Deny from all
 Satisfy all
 </Files>

 <files error_log>
 Order allow,deny
 Deny from all
 </files>

 # Block URL based exploits 
 RedirectMatch 403 \[
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 # Ban double slashes in all URLs 
 RewriteCond %{THE_REQUEST} ^[A-Z]+\ /(([^/\ ]+/)*)/+([^\ ]*)
 RewriteRule ^ /%1%3 [L,R=301]
 </IfModule>

	#Deny access to .htaccess file
	<FilesMatch "(\.htaccess)">
	Order deny,allow
	Deny from all
	</FilesMatch>

	#Prevent Hotlinking
	RewriteEngine on
	RewriteCond %{HTTP_REFERER} !^$
	RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourwebsite.com [NC]
	RewriteRule \.(jpg\|jpeg\|png\|gif)$ http://i.imgur.com/g7ptdBB.png [NC,R,L]


	#Use Browser Caching
	<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresByType image/jpg "access 1 year"
	ExpiresByType image/jpeg "access 1 year"
	ExpiresByType image/gif "access 1 year"
	ExpiresByType image/png "access 1 year"
	ExpiresByType text/css "access 1 month"
	ExpiresByType text/html "access 1 month"
	ExpiresByType application/pdf "access 1 month"
	ExpiresByType text/x-javascript "access 1 month"
	ExpiresByType application/x-shockwave-flash "access 1 month"
	ExpiresByType image/x-icon "access 1 year"
	ExpiresDefault "access 1 month"
	</IfModule>


	#Do Not Allow from IP Addresses
	<Limit GET POST>
	order allow,deny
	deny from 123.456.78.9
	deny from 987.654.32.1
	allow from all
	</Limit>


	#Block the include-only files.
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteBase /
	RewriteRule ^wp-admin/includes/ - [F,L]
	RewriteRule !^wp-includes/ - [S=3]
	RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
	RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
	RewriteRule ^wp-includes/theme-compat/ - [F,L]
	</IfModule>


	#Disable XML-RPC
	<Files xmlrpc.php>
	Order Deny,Allow
	Deny from all
	</Files>


	#Block Files that nobody should have access to outside of WordPress

	#Block important files from outside access
	<files install.php>
	Order allow,deny
	Deny from all
	</files>

	<files wp-config.php>
	Order allow,deny
	Deny from all
	</files>

	# PROTECT readme.html
	<files readme.html>
	Order Allow,Deny
	Deny from all
	Satisfy all
	</Files>

	# PROTECT readme.html
	<Files readme.html>
	Order Allow,Deny
	Deny from all
	Satisfy all
	</Files>

	<files error_log>
	Order allow,deny
	Deny from all
	</files>

	# Block URL based exploits
	RedirectMatch 403 \[
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteBase /
	# Ban double slashes in all URLs
	RewriteCond %{THE_REQUEST} ^[A-Z]+\ /(([^/\ ]+/))/+([^\ ])
	RewriteRule ^ /%1%3 [L,R=301]
	</IfModule>