Last active
July 3, 2020 09:47
-
-
Save deviationist/d46842a44f515d02f6ba8cf76aeec09d to your computer and use it in GitHub Desktop.
Prevent access to WP Admin and wp-login.php via .htaccess, but allow access to admin-ajax.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Prevent WP Admin from being accessed (except admin-ajax.php) | |
| #RewriteCond %{HTTP_HOST} ^(|www\.)yourdomain\.(com|net|org)$ [NC] # This line is optional, but useful if you only want to apply the rules to certain domains | |
| RewriteCond %{REQUEST_URI} ^/wp-admin/ [NC] | |
| RewriteCond %{REQUEST_URI} !^/wp-admin/admin-ajax\.php$ [NC] | |
| RewriteRule (.*) %{REQUEST_SCHEME}://%{HTTP_HOST}/ [L,R=301] | |
| # Prevent the WP login form from being accessed | |
| #RewriteCond %{HTTP_HOST} ^(|www\.)yourdomain\.(com|net|org)$ [NC] # This line is optional, but useful if you only want to apply the rules to certain domains | |
| RewriteCond %{REQUEST_URI} ^/wp-login\.php$ [NC] | |
| RewriteRule (.*) %{REQUEST_SCHEME}://%{HTTP_HOST}/ [L,R=301] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment