.htaccess WordPress - 2017. *Use it according to your server and your preferences.* In the line Header set X-Powered-By "LOOR Lab", change the name to the one you want to use. DO NOT COPY/PASTE. Take only what you need, carefully. The following code is just a few **examples** of optimizations that you can do in an .htaccess file.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
AddType image/svg+xml svg
# SECURITY WordPress #
# Start HackRepair.com Blacklist
RewriteEngine on
# Start Abuse Agent Blocking
RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*Indy" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Mozilla.*NEWT" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^$" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Maxthon$" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^SeaMonkey$" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Acunetix" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^binlar" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^BlackWidow" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Bolt 0" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^BOT for JCE" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Bot mailto\:craftbot@yahoo\.com" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^casper" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^checkprivacy" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^ChinaClaw" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^clshttp" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^cmsworldmap" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^comodo" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Custo" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Default Browser 0" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^diavol" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^DIIbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^DISCo" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^dotbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Download Demon" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^eCatch" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^EirGrabber" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^EmailCollector" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^EmailSiphon" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^EmailWolf" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Express WebPictures" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^extract" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^ExtractorPro" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^EyeNetIE" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^feedfinder" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^FHscan" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^FlashGet" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^flicky" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^g00g1e" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^GetRight" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^GetWeb\!" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Go\!Zilla" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Go\-Ahead\-Got\-It" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^grab" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^GrabNet" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Grafula" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^harvest" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^HMView" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^ia_archiver" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Image Stripper" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Image Sucker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^InterGET" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Internet Ninja" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^InternetSeer\.com" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^jakarta" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Java" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^JetCar" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^JOC Web Spider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^kanagawa" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^kmccrew" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^larbin" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^LeechFTP" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^libwww" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Mass Downloader" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^microsoft\.url" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^MIDown tool" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^miner" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Mister PiX" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^MSFrontPage" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Navroad" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^NearSite" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Net Vampire" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^NetAnts" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^NetSpider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^NetZIP" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^nutch" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Octopus" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Offline Explorer" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Offline Navigator" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^PageGrabber" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Papa Foto" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^pavuk" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^pcBrowser" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^PeoplePal" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^planetwork" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^psbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^purebot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^pycurl" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^RealDownload" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^ReGet" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Rippers 0" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^sitecheck\.internetseer\.com" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^SiteSnagger" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^skygrid" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^SmartDownload" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^sucker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^SuperBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^SuperHTTP" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Surfbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^tAkeOut" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Teleport Pro" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Toata dragostea mea pentru diavola" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^turnit" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^vikspider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^VoidEYE" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Web Image Collector" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Web Sucker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebAuto" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebBandit" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebCopier" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebFetch" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebGo IS" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebLeacher" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebReaper" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebSauger" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Website eXtractor" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Website Quester" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebStripper" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebWhacker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WebZIP" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Wget" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Widow" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WPScan" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WWW\-Mechanize" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^WWWOFFLE" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Xaldon WebSpider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Zeus" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^zmeu" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "360Spider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "CazoodleBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "discobot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "EasouSpider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "ecxi" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "GT\:\:WWW" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "heritrix" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "HTTP\:\:Lite" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "HTTrack" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "ia_archiver" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "id\-search" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "IDBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Indy Library" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "IRLbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "ISC Systems iRc Search 2\.1" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "LinksCrawler" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "LinksManager\.com_bot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "linkwalker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "lwp\-trivial" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "MFC_Tear_Sample" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Microsoft URL Control" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Missigua Locator" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "MJ12bot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "panscient\.com" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "PECL\:\:HTTP" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "PHPCrawl" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "PleaseCrawl" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SBIder" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SearchmetricsBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SeznamBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Snoopy" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Steeler" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "URI\:\:Fetch" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "urllib" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Web Sucker" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "webalta" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "WebCollage" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Wells Search II" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "WEP Search" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "XoviBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "YisouSpider" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "zermelo" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "ZyBorg" [NC,OR]
# End Abuse Agent Blocking
# Start Abuse HTTP Referrer Blocking
RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?semalt\.com" [NC,OR]
RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?kambasoft\.com" [NC,OR]
RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?savetubevideo\.com" [NC]
# End Abuse HTTP Referrer Blocking
RewriteRule ^.* - [F,L]
# End HackRepair.com Blacklist, http://pastebin.com/u/hackrepair
# Rules to block access to WordPress specific files
<files .htaccess>
Order allow,deny
Deny from all
</files>
<files readme.html>
Order allow,deny
Deny from all
</files>
<files readme.txt>
Order allow,deny
Deny from all
</files>
<files install.php>
Order allow,deny
Deny from all
</files>
<files wp-config.php>
Order allow,deny
Deny from all
</files>
# Rules to disable XML-RPC
<files xmlrpc.php>
Order allow,deny
Deny from all
</files>
# Rules to disable directory browsing
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine On
# Rules to protect wp-includes
RewriteRule ^wp-admin/includes/ - [F]
RewriteRule !^wp-includes/ - [S=3]
RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
RewriteRule ^wp-includes/[^/]+\.php$ - [F]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
RewriteRule ^wp-includes/theme-compat/ - [F]
# Rules to prevent php execution in uploads
RewriteRule ^(.*)/uploads/(.*).php(.?) - [F]
# Rules to block unneeded HTTP methods
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F]
# Rules to block foreign characters in URLs
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F).* [NC]
RewriteRule ^(.*)$ - [F]
# Rules to help reduce spam - url.com = URL Site
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !^(.*)url.com.*
RewriteCond %{HTTP_REFERER} !^http://jetpack\.wordpress\.com/jetpack-comment/ [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule ^(.*)$ - [F]
</IfModule>
# END SECURITY WordPress #
#START PERFORMANCE
#GZIP
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
# leverage browser caching
<IfModule mod_mime.c>
AddType text/css .css
AddType text/x-component .htc
AddType application/x-javascript .js
AddType application/javascript .js2
AddType text/javascript .js3
AddType text/x-js .js4
AddType text/html .html .htm
AddType text/richtext .rtf .rtx
AddType image/svg+xml .svg .svgz
AddType text/plain .txt
AddType text/xsd .xsd
AddType text/xsl .xsl
AddType text/xml .xml
AddType video/asf .asf .asx .wax .wmv .wmx
AddType video/avi .avi
AddType image/bmp .bmp
AddType application/java .class
AddType video/divx .divx
AddType application/msword .doc .docx
AddType application/vnd.ms-fontobject .eot
AddType application/x-msdownload .exe
AddType image/gif .gif
AddType application/x-gzip .gz .gzip
AddType image/x-icon .ico
AddType image/jpeg .jpg .jpeg .jpe
AddType application/json .json
AddType application/vnd.ms-access .mdb
AddType audio/midi .mid .midi
AddType video/quicktime .mov .qt
AddType audio/mpeg .mp3 .m4a
AddType video/mp4 .mp4 .m4v
AddType video/mpeg .mpeg .mpg .mpe
AddType application/vnd.ms-project .mpp
AddType application/x-font-otf .otf
AddType application/vnd.ms-opentype .otf
AddType application/vnd.oasis.opendocument.database .odb
AddType application/vnd.oasis.opendocument.chart .odc
AddType application/vnd.oasis.opendocument.formula .odf
AddType application/vnd.oasis.opendocument.graphics .odg
AddType application/vnd.oasis.opendocument.presentation .odp
AddType application/vnd.oasis.opendocument.spreadsheet .ods
AddType application/vnd.oasis.opendocument.text .odt
AddType audio/ogg .ogg
AddType application/pdf .pdf
AddType image/png .png
AddType application/vnd.ms-powerpoint .pot .pps .ppt .pptx
AddType audio/x-realaudio .ra .ram
AddType application/x-shockwave-flash .swf
AddType application/x-tar .tar
AddType image/tiff .tif .tiff
AddType application/x-font-ttf .ttf .ttc
AddType application/vnd.ms-opentype .ttf .ttc
AddType audio/wav .wav
AddType audio/wma .wma
AddType application/vnd.ms-write .wri
AddType application/font-woff .woff
AddType application/vnd.ms-excel .xla .xls .xlsx .xlt .xlw
AddType application/zip .zip
</IfModule>
# End leverage browser caching
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css A31536000
ExpiresByType text/x-component A31536000
ExpiresByType application/x-javascript A31536000
ExpiresByType application/javascript A31536000
ExpiresByType text/javascript A31536000
ExpiresByType text/x-js A31536000
ExpiresByType text/html A3600
ExpiresByType text/richtext A3600
ExpiresByType image/svg+xml A3600
ExpiresByType text/plain A3600
ExpiresByType text/xsd A3600
ExpiresByType text/xsl A3600
ExpiresByType text/xml A3600
ExpiresByType video/asf A31536000
ExpiresByType video/avi A31536000
ExpiresByType image/bmp A31536000
ExpiresByType application/java A31536000
ExpiresByType video/divx A31536000
ExpiresByType application/msword A31536000
ExpiresByType application/vnd.ms-fontobject A31536000
ExpiresByType application/x-msdownload A31536000
ExpiresByType image/gif A31536000
ExpiresByType application/x-gzip A31536000
ExpiresByType image/x-icon A31536000
ExpiresByType image/jpeg A31536000
ExpiresByType application/json A31536000
ExpiresByType application/vnd.ms-access A31536000
ExpiresByType audio/midi A31536000
ExpiresByType video/quicktime A31536000
ExpiresByType audio/mpeg A31536000
ExpiresByType video/mp4 A31536000
ExpiresByType video/mpeg A31536000
ExpiresByType application/vnd.ms-project A31536000
ExpiresByType application/x-font-otf A31536000
ExpiresByType application/vnd.ms-opentype A31536000
ExpiresByType application/vnd.oasis.opendocument.database A31536000
ExpiresByType application/vnd.oasis.opendocument.chart A31536000
ExpiresByType application/vnd.oasis.opendocument.formula A31536000
ExpiresByType application/vnd.oasis.opendocument.graphics A31536000
ExpiresByType application/vnd.oasis.opendocument.presentation A31536000
ExpiresByType application/vnd.oasis.opendocument.spreadsheet A31536000
ExpiresByType application/vnd.oasis.opendocument.text A31536000
ExpiresByType audio/ogg A31536000
ExpiresByType application/pdf A31536000
ExpiresByType image/png A31536000
ExpiresByType application/vnd.ms-powerpoint A31536000
ExpiresByType audio/x-realaudio A31536000
ExpiresByType image/svg+xml A31536000
ExpiresByType application/x-shockwave-flash A31536000
ExpiresByType application/x-tar A31536000
ExpiresByType image/tiff A31536000
ExpiresByType application/x-font-ttf A31536000
ExpiresByType application/vnd.ms-opentype A31536000
ExpiresByType audio/wav A31536000
ExpiresByType audio/wma A31536000
ExpiresByType application/vnd.ms-write A31536000
ExpiresByType application/font-woff A31536000
ExpiresByType application/vnd.ms-excel A31536000
ExpiresByType application/zip A31536000
</IfModule>
## EXPIRES CACHING ##
<IfModule mod_deflate.c>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
# BEGIN GZIP
AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
# END GZIP
<IfModule mod_mime.c>
# DEFLATE by extension
AddOutputFilter DEFLATE js css htm html xml
</IfModule>
</IfModule>
<FilesMatch "\.(css|htc|less|js|js2|js3|js4|CSS|HTC|LESS|JS|JS2|JS3|JS4)$">
FileETag MTime Size
<IfModule mod_headers.c>
Header set Pragma "public"
Header append Cache-Control "public"
Header unset Set-Cookie
Header set X-Powered-By "LOOR Lab"
</IfModule>
</FilesMatch>
<FilesMatch "\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|SVG|SVGZ|TXT|XSD|XSL|XML)$">
FileETag MTime Size
<IfModule mod_headers.c>
Header set Pragma "public"
Header append Cache-Control "public"
Header set X-Powered-By "LOOR Lab"
</IfModule>
</FilesMatch>
<FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|woff|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|JSON|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|WAV|WMA|WRI|WOFF|XLA|XLS|XLSX|XLT|XLW|ZIP)$">
FileETag MTime Size
<IfModule mod_headers.c>
Header set Pragma "public"
Header append Cache-Control "public"
Header unset Set-Cookie
Header set X-Powered-By "LOOR Lab"
</IfModule>
</FilesMatch>
# END Caching methods
# compress text, HTML, JavaScript, CSS, and XML
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
# remove browser bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
Header set Expires "Thu, 15 Apr 2012 20:00:00 GMT"
#END PERFORMANCE
Well, this is the result of a process of a plugin called https://wordpress.org/plugins/better-wp-security/; these are the security rules from the configuration of this plugin.
We only add some rules; some other Apache rules are taken because we cannot modify or touch the server directly, in the case of some of our customers who have shared servers, to apply these rules.
About the X-Powered-By header: for us the Gist is like a reference file, it is not a tutorial and nobody is obliged to use the file; it is assumed that you will replace LOOR Lab with the name that you want to use.
If you can share an .htaccess that is the one indicated, it would be of great help.
Thanks!
Sorry, but many of these rules are either not required because they are the same as the Apache default settings if not explicitly overwritten or because WordPress itself has secure defaults (such as empty index.php files in all core folders). Preventing access to files like wp-config.php is also useless since this file has no output sent to browsers. Blocking the TRACE HTTP method doesn't do anything else apart from making network debugging harder.
Enabling gzip is useless since you enable mod_deflate later on, and you also add the deflate output filter outside of the IfModule block, which may break sites on legacy web servers.
Hiding readme files and the wp-login.php does not help security in any way - if someone wants to find out your WordPress version, they will.
Oh hey, and stop putting your company name or whatever ("LOOR Lab") in people's X-Powered-By header, that's not cool.
Summary: This is trash. Don't use this file unless you know what you are doing (if so, why are you looking at this at all?). Most of this is useless, some outright dangerous.
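The module-guard issue raised in the comment above (directives placed outside their IfModule block), shown as an added example that is not part of the gist or of either comment. It assumes Apache 2.4 with 2.2 as the fallback case, and reuses only directives already present in the file plus `Require all denied`, the 2.4 replacement for `Order`/`Deny`.

```apache
# Added example, not the gist author's code.
# Every directive sits inside a guard for the module that provides it, so a
# missing module skips the block instead of failing every request with a 500.

<IfModule mod_deflate.c>
    # AddOutputFilterByType is provided by mod_filter on Apache 2.4
    # (on 2.2 it was a core directive); the DEFLATE filter is mod_deflate.
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml
    </IfModule>

    # BrowserMatch is provided by mod_setenvif.
    <IfModule mod_setenvif.c>
        BrowserMatch ^Mozilla/4 gzip-only-text/html
        BrowserMatch ^Mozilla/4\.0[678] no-gzip
        BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    </IfModule>

    # Header is provided by mod_headers.
    <IfModule mod_headers.c>
        Header append Vary User-Agent env=!dont-vary
    </IfModule>
</IfModule>

# The gist's final, unconditional line
#   Header set Expires "Thu, 15 Apr 2012 20:00:00 GMT"
# is left out on purpose: mod_headers runs after mod_expires, so a fixed
# past date would replace the Expires value that the ExpiresByType rules
# earlier in the file compute for each response.

# File denial that loads on both branches. On 2.4 without mod_access_compat,
# "Order"/"Deny" are unknown directives and the whole .htaccess fails to parse.
<FilesMatch "^(\.htaccess|readme\.html|readme\.txt|install\.php|wp-config\.php|xmlrpc\.php)$">
    <IfModule mod_authz_core.c>
        # Apache 2.4
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        # Apache 2.2
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>
```

After changing the file, request one of the denied names and one ordinary page and confirm that the first returns 403 and the second still returns 200 rather than 500.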