zartgesotten · May 3, 2022 16:54
diff --git a/htaccess.php b/htaccess.php
 <IfModule mod_expires.c>
 ExpiresActive on
 ExpiresDefault                                      "access plus 1 month"

 # CSS
 ExpiresByType text/css                              "access plus 2 days"

 # Data interchange
 ExpiresByType application/atom+xml                  "access plus 1 hour"
 ExpiresByType application/rdf+xml                   "access plus 1 hour"
 ExpiresByType application/rss+xml                   "access plus 1 hour"

 ExpiresByType application/json                      "access plus 0 seconds"
 ExpiresByType application/ld+json                   "access plus 0 seconds"
 ExpiresByType application/schema+json               "access plus 0 seconds"
 ExpiresByType application/vnd.geo+json              "access plus 0 seconds"
 ExpiresByType application/xml                       "access plus 0 seconds"
 ExpiresByType text/xml                              "access plus 0 seconds"

 # Favicon (cannot be renamed!) and cursor images
 ExpiresByType image/vnd.microsoft.icon              "access plus 1 week"
 ExpiresByType image/x-icon                          "access plus 1 week"

 # HTML - Behält die Website eine Stunde im Cache, neues wird erst nach Ablauf einer Stunde
 # angezeigt. Wenn nicht gewuenscht, bei 3600 eine Null eintragen
 ExpiresByType text/html                             "access plus 3600 seconds"

 # JavaScript
 ExpiresByType application/javascript                "access plus 1 year"
 ExpiresByType application/x-javascript              "access plus 1 year"
 ExpiresByType text/javascript                       "access plus 1 year"

 # Manifest files
 ExpiresByType application/manifest+json             "access plus 1 week"
 ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
 ExpiresByType text/cache-manifest                   "access plus 0 seconds"

 # Media files
 ExpiresByType audio/ogg                             "access plus 1 month"
 ExpiresByType image/bmp                             "access plus 1 month"
 ExpiresByType image/gif                             "access plus 1 month"
 ExpiresByType image/jpeg                            "access plus 1 month"
 ExpiresByType image/png                             "access plus 1 month"
 ExpiresByType image/svg+xml                         "access plus 1 month"
 ExpiresByType image/webp                            "access plus 1 month"
 ExpiresByType video/mp4                             "access plus 1 month"
 ExpiresByType video/ogg                             "access plus 1 month"
 ExpiresByType video/webm                            "access plus 1 month"

 # Web fonts

 # Embedded OpenType (EOT)
 ExpiresByType application/vnd.ms-fontobject         "access plus 1 month"
 ExpiresByType font/eot                              "access plus 1 month"

 # OpenType
 ExpiresByType font/opentype                         "access plus 1 month"

 # TrueType
 ExpiresByType application/x-font-ttf                "access plus 1 month"

 # Web Open Font Format (WOFF) 1.0
 ExpiresByType application/font-woff                 "access plus 1 month"
 ExpiresByType application/x-font-woff               "access plus 1 month"
 ExpiresByType font/woff                             "access plus 1 month"

 # Web Open Font Format (WOFF) 2.0
 ExpiresByType application/font-woff2                "access plus 1 month"

 # Other
 ExpiresByType text/x-cross-domain-policy            "access plus 1 week"
 </IfModule>

 <IfModule mod_deflate.c>
 # Insert filters / compress text, html, javascript, css, xml:
 AddOutputFilterByType DEFLATE text/plain
 AddOutputFilterByType DEFLATE text/html
 AddOutputFilterByType DEFLATE text/xml
 AddOutputFilterByType DEFLATE text/css
 AddOutputFilterByType DEFLATE text/vtt
 AddOutputFilterByType DEFLATE text/x-component
 AddOutputFilterByType DEFLATE application/xml
 AddOutputFilterByType DEFLATE application/xhtml+xml
 AddOutputFilterByType DEFLATE application/rss+xml
 AddOutputFilterByType DEFLATE application/js
 AddOutputFilterByType DEFLATE application/javascript
 AddOutputFilterByType DEFLATE application/x-javascript
 AddOutputFilterByType DEFLATE application/x-httpd-php
 AddOutputFilterByType DEFLATE application/x-httpd-fastphp
 AddOutputFilterByType DEFLATE application/atom+xml
 AddOutputFilterByType DEFLATE application/json
 AddOutputFilterByType DEFLATE application/ld+json
 AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
 AddOutputFilterByType DEFLATE application/x-font-ttf
 AddOutputFilterByType DEFLATE application/font-woff2
 AddOutputFilterByType DEFLATE application/x-font-woff
 AddOutputFilterByType DEFLATE application/x-web-app-manifest+json font/woff
 AddOutputFilterByType DEFLATE font/woff
 AddOutputFilterByType DEFLATE font/opentype
 AddOutputFilterByType DEFLATE image/svg+xml
 AddOutputFilterByType DEFLATE image/x-icon

 # Exception: Images
 SetEnvIfNoCase REQUEST_URI \.(?:gif|jpg|jpeg|png|svg)$ no-gzip dont-vary

 # Drop problematic browsers
 BrowserMatch ^Mozilla/4 gzip-only-text/html
 BrowserMatch ^Mozilla/4\.0[678] no-gzip
 BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

 # Make sure proxies don't deliver the wrong content
 Header append Vary User-Agent env=!dont-vary
 </IfModule>

 #Alternative caching using Apache's "mod_headers", if it's installed.
 #Caching of common files - ENABLED
 <IfModule mod_headers.c>
 <FilesMatch "\.(ico|pdf|flv|swf|js|css|gif|png|jpg|jpeg|txt)$">
 Header set Cache-Control "max-age=2592000, public"
 </FilesMatch>
 </IfModule>

 <IfModule mod_headers.c>
 <FilesMatch "\.(js|css|xml|gz)$">
 Header append Vary Accept-Encoding
 </FilesMatch>
 </IfModule>

 # Set Keep Alive Header
 <IfModule mod_headers.c>
 Header set Connection keep-alive
 </IfModule>

 # If your server don't support ETags deactivate with "None" (and remove header)
 <IfModule mod_expires.c>
 <IfModule mod_headers.c>
 Header unset ETag
 </IfModule>
 FileETag None
 </IfModule>

 <IfModule mod_headers.c>
 <FilesMatch ".(js|css|xml|gz|html|woff|woff2|ttf)$">
 Header append Vary: Accept-Encoding
 </FilesMatch>
 </IfModule>

 # Beispiel-Codeschnipsel für die WordPress-htaccess-Datei
 # https://www.wp-sicherheit.info
 # Marc Nilius, [email protected]

 # Mit Material von Zodiac1978, siehe auch https://gist.github.com/Zodiac1978/d25a8f3aebba7cd1c01c

 #
 # Diese Codeschnipsel gehören in die .htaccess-Datei im Hauptverzeichnis von WordPress
 # Jeder einzelne Bestandteil kann einzeln kopiert und genutzt werden.
 # Bitte die Verwendungshinweise (Kommentare) an jedem Schnipsel beachten
 #

 # Full Path Disclosure (FPD) verhindern
 # mod_php7.c zu mod_php5.c für PHP < 7

 <IfModule mod_php7.c>
 php_flag display_errors Off
 </IfModule>

 # Verzeichnislisting verhindern
 # Options All -Indexes

 # Allgemein Zugriff auf temporäre Dateien o.ä. und sonstige generell nicht sinnvolle Dateien verhinden
 <FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist|txt)|~)$">
 Order allow,deny
 Deny from all
 Satisfy All
 </FilesMatch>

 # Zugriff auf die robots.txt wieder erlauben
 # (ist über die obige Regel automatisch mit ausgeschlossen worden)
 <Files robots.txt>
 Order allow,deny
 Allow from all
 </Files>

 # Zugriff auf htaccess und htpasswd verhindern
 <Files ~ "^[\._]ht">
 Order Allow,Deny
 Deny from all
 Satisfy All
 </Files>

 # Zugriff auf diverse WordPress-Dateien verhindern
 <FilesMatch "(wp-config.php|wp-config-sample.php|liesmich.html|readme.html)">
 Order allow,deny
 Deny from all
 Satisfy All
 </FilesMatch>

 # Zugriff auf die install.php verhindern
 # auskommentieren, um die Installation von Wordpress auszuführen
 <Files install.php>
 Order allow,deny
 Deny from all
 Satisfy All
 </Files>

 # Zugriff auf die XML-RPC-Schnittstelle verhindern
 # Diesen Teil nur aktivieren/nutzen, wenn die XML-RPC-Schnittstelle nicht benötigt wird.
 <Files xmlrpc.php>
 Order Allow,Deny
 Deny from all
 </Files>

 # Includes-Dateien ausschließen
 # Auchtung bei Benutzung in Multisite-Umgebungen!
 # See: http://codex.wordpress.org/Hardening_WordPress#Securing_wp-admin
 <IfModule mod_rewrite.c>
 RewriteEngine On
 # RewriteBase muss ggf. angepasst werden, je nach Serverkonfiguration
 RewriteBase /
 RewriteRule ^wp-admin/includes/ - [F,L]
 RewriteRule !^wp-includes/ - [S=3]
 RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
 RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
 RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
 RewriteRule ^wp-includes/theme-compat/ - [F,L]
 </IfModule>

 # Header mit Versionsinfos deaktivieren
 <IfModule mod_headers.c>
 Header unset X-Powered-By
 Header unset X-Pingback
 Header unset SERVER
 </IfModule>

 # PHP im Uploads-Verzeiochnis verhindern
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteRule ^(wp-content/uploads/.+.php)$ $1 [H=text/plain]
 </IfModule>
diff --git a/von-christian.php b/von-christian.php
 <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/cache-manifest
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE text/vcard
    AddOutputFilterByType DEFLATE text/vnd.rim.location.xloc
    AddOutputFilterByType DEFLATE text/vtt
    AddOutputFilterByType DEFLATE text/x-component
    AddOutputFilterByType DEFLATE text/x-cross-domain-policy
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/json
    AddOutputFilterByType DEFLATE application/ld+json
    AddOutputFilterByType DEFLATE application/atom+xml
    AddOutputFilterByType DEFLATE application/manifest+json
    AddOutputFilterByType DEFLATE application/rdf+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/schema+json
    AddOutputFilterByType DEFLATE application/vnd.geo+json
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
    AddOutputFilterByType DEFLATE application/x-font-ttf
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-web-app-manifest+json
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE font/eot
    AddOutputFilterByType DEFLATE font/opentype
    AddOutputFilterByType DEFLATE image/bmp
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE image/vnd.microsoft.icon
    AddOutputFilterByType DEFLATE image/x-icon
 </IfModule>
 <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/css A2419200
    ExpiresByType text/x-component A2419200
    ExpiresByType application/x-javascript A2419200
    ExpiresByType application/javascript A14515200
    ExpiresByType text/javascript A14515200
    ExpiresByType text/x-js A2419200
    ExpiresByType text/html A3600
    ExpiresByType text/richtext A3600
    ExpiresByType image/svg+xml A3600
    ExpiresByType text/plain A3600
    ExpiresByType text/xsd A3600
    ExpiresByType text/xsl A3600
    ExpiresByType text/xml A3600
    ExpiresByType video/asf A2419200
    ExpiresByType video/avi A2419200
    ExpiresByType image/bmp A2419200
    ExpiresByType application/java A2419200
    ExpiresByType video/divx A2419200
    ExpiresByType application/msword A2419200
    ExpiresByType application/vnd.ms-fontobject A2419200
    ExpiresByType application/x-msdownload A2419200
    ExpiresByType image/gif A31104000
    ExpiresByType application/x-gzip A2419200
    ExpiresByType image/x-icon A2419200
    ExpiresByType image/jpeg A31104000
    ExpiresByType image/webp A31104000
    ExpiresByType application/json A2419200
    ExpiresByType application/vnd.ms-access A2419200
    ExpiresByType audio/midi A2419200
    ExpiresByType video/quicktime A2419200
    ExpiresByType audio/mpeg A2419200
    ExpiresByType video/mp4 A2419200
    ExpiresByType video/mpeg A2419200
    ExpiresByType application/vnd.ms-project A2419200
    ExpiresByType application/x-font-otf A2419200
    ExpiresByType application/vnd.ms-opentype A2419200
    ExpiresByType application/vnd.oasis.opendocument.database A2419200
    ExpiresByType application/vnd.oasis.opendocument.chart A2419200
    ExpiresByType application/vnd.oasis.opendocument.formula A2419200
    ExpiresByType application/vnd.oasis.opendocument.graphics A2419200
    ExpiresByType application/vnd.oasis.opendocument.presentation A2419200
    ExpiresByType application/vnd.oasis.opendocument.spreadsheet A2419200
    ExpiresByType application/vnd.oasis.opendocument.text A2419200
    ExpiresByType audio/ogg A2419200
    ExpiresByType application/pdf A2419200
    ExpiresByType image/png A31104000
    ExpiresByType application/vnd.ms-powerpoint A2419200
    ExpiresByType audio/x-realaudio A2419200
    ExpiresByType image/svg+xml A31104000
    ExpiresByType application/x-shockwave-flash A2419200
    ExpiresByType application/x-tar A2419200
    ExpiresByType image/tiff A2419200
    ExpiresByType application/x-font-ttf A2419200
    ExpiresByType application/vnd.ms-opentype A2419200
    ExpiresByType audio/wav A2419200
    ExpiresByType audio/wma A2419200
    ExpiresByType application/vnd.ms-write A2419200
    ExpiresByType application/font-woff A31104000
    ExpiresByType application/font-woff2 A31104000
    ExpiresByType application/vnd.ms-excel A2419200
    ExpiresByType application/zip A2419200
 </IfModule>
	<IfModule mod_expires.c>
	ExpiresActive on
	ExpiresDefault "access plus 1 month"

	# CSS
	ExpiresByType text/css "access plus 2 days"

	# Data interchange
	ExpiresByType application/atom+xml "access plus 1 hour"
	ExpiresByType application/rdf+xml "access plus 1 hour"
	ExpiresByType application/rss+xml "access plus 1 hour"

	ExpiresByType application/json "access plus 0 seconds"
	ExpiresByType application/ld+json "access plus 0 seconds"
	ExpiresByType application/schema+json "access plus 0 seconds"
	ExpiresByType application/vnd.geo+json "access plus 0 seconds"
	ExpiresByType application/xml "access plus 0 seconds"
	ExpiresByType text/xml "access plus 0 seconds"

	# Favicon (cannot be renamed!) and cursor images
	ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
	ExpiresByType image/x-icon "access plus 1 week"

	# HTML - Behält die Website eine Stunde im Cache, neues wird erst nach Ablauf einer Stunde
	# angezeigt. Wenn nicht gewuenscht, bei 3600 eine Null eintragen
	ExpiresByType text/html "access plus 3600 seconds"

	# JavaScript
	ExpiresByType application/javascript "access plus 1 year"
	ExpiresByType application/x-javascript "access plus 1 year"
	ExpiresByType text/javascript "access plus 1 year"

	# Manifest files
	ExpiresByType application/manifest+json "access plus 1 week"
	ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
	ExpiresByType text/cache-manifest "access plus 0 seconds"

	# Media files
	ExpiresByType audio/ogg "access plus 1 month"
	ExpiresByType image/bmp "access plus 1 month"
	ExpiresByType image/gif "access plus 1 month"
	ExpiresByType image/jpeg "access plus 1 month"
	ExpiresByType image/png "access plus 1 month"
	ExpiresByType image/svg+xml "access plus 1 month"
	ExpiresByType image/webp "access plus 1 month"
	ExpiresByType video/mp4 "access plus 1 month"
	ExpiresByType video/ogg "access plus 1 month"
	ExpiresByType video/webm "access plus 1 month"

	# Web fonts

	# Embedded OpenType (EOT)
	ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
	ExpiresByType font/eot "access plus 1 month"

	# OpenType
	ExpiresByType font/opentype "access plus 1 month"

	# TrueType
	ExpiresByType application/x-font-ttf "access plus 1 month"

	# Web Open Font Format (WOFF) 1.0
	ExpiresByType application/font-woff "access plus 1 month"
	ExpiresByType application/x-font-woff "access plus 1 month"
	ExpiresByType font/woff "access plus 1 month"

	# Web Open Font Format (WOFF) 2.0
	ExpiresByType application/font-woff2 "access plus 1 month"

	# Other
	ExpiresByType text/x-cross-domain-policy "access plus 1 week"
	</IfModule>

	<IfModule mod_deflate.c>
	# Insert filters / compress text, html, javascript, css, xml:
	AddOutputFilterByType DEFLATE text/plain
	AddOutputFilterByType DEFLATE text/html
	AddOutputFilterByType DEFLATE text/xml
	AddOutputFilterByType DEFLATE text/css
	AddOutputFilterByType DEFLATE text/vtt
	AddOutputFilterByType DEFLATE text/x-component
	AddOutputFilterByType DEFLATE application/xml
	AddOutputFilterByType DEFLATE application/xhtml+xml
	AddOutputFilterByType DEFLATE application/rss+xml
	AddOutputFilterByType DEFLATE application/js
	AddOutputFilterByType DEFLATE application/javascript
	AddOutputFilterByType DEFLATE application/x-javascript
	AddOutputFilterByType DEFLATE application/x-httpd-php
	AddOutputFilterByType DEFLATE application/x-httpd-fastphp
	AddOutputFilterByType DEFLATE application/atom+xml
	AddOutputFilterByType DEFLATE application/json
	AddOutputFilterByType DEFLATE application/ld+json
	AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
	AddOutputFilterByType DEFLATE application/x-font-ttf
	AddOutputFilterByType DEFLATE application/font-woff2
	AddOutputFilterByType DEFLATE application/x-font-woff
	AddOutputFilterByType DEFLATE application/x-web-app-manifest+json font/woff
	AddOutputFilterByType DEFLATE font/woff
	AddOutputFilterByType DEFLATE font/opentype
	AddOutputFilterByType DEFLATE image/svg+xml
	AddOutputFilterByType DEFLATE image/x-icon

	# Exception: Images
	SetEnvIfNoCase REQUEST_URI \.(?:gif\|jpg\|jpeg\|png\|svg)$ no-gzip dont-vary

	# Drop problematic browsers
	BrowserMatch ^Mozilla/4 gzip-only-text/html
	BrowserMatch ^Mozilla/4\.0[678] no-gzip
	BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

	# Make sure proxies don't deliver the wrong content
	Header append Vary User-Agent env=!dont-vary
	</IfModule>

	#Alternative caching using Apache's "mod_headers", if it's installed.
	#Caching of common files - ENABLED
	<IfModule mod_headers.c>
	<FilesMatch "\.(ico\|pdf\|flv\|swf\|js\|css\|gif\|png\|jpg\|jpeg\|txt)$">
	Header set Cache-Control "max-age=2592000, public"
	</FilesMatch>
	</IfModule>

	<IfModule mod_headers.c>
	<FilesMatch "\.(js\|css\|xml\|gz)$">
	Header append Vary Accept-Encoding
	</FilesMatch>
	</IfModule>

	# Set Keep Alive Header
	<IfModule mod_headers.c>
	Header set Connection keep-alive
	</IfModule>

	# If your server don't support ETags deactivate with "None" (and remove header)
	<IfModule mod_expires.c>
	<IfModule mod_headers.c>
	Header unset ETag
	</IfModule>
	FileETag None
	</IfModule>

	<IfModule mod_headers.c>
	<FilesMatch ".(js\|css\|xml\|gz\|html\|woff\|woff2\|ttf)$">
	Header append Vary: Accept-Encoding
	</FilesMatch>
	</IfModule>

	# Beispiel-Codeschnipsel für die WordPress-htaccess-Datei
	# https://www.wp-sicherheit.info
	# Marc Nilius, [email protected]

	# Mit Material von Zodiac1978, siehe auch https://gist.github.com/Zodiac1978/d25a8f3aebba7cd1c01c

	#
	# Diese Codeschnipsel gehören in die .htaccess-Datei im Hauptverzeichnis von WordPress
	# Jeder einzelne Bestandteil kann einzeln kopiert und genutzt werden.
	# Bitte die Verwendungshinweise (Kommentare) an jedem Schnipsel beachten
	#

	# Full Path Disclosure (FPD) verhindern
	# mod_php7.c zu mod_php5.c für PHP < 7

	<IfModule mod_php7.c>
	php_flag display_errors Off
	</IfModule>

	# Verzeichnislisting verhindern
	# Options All -Indexes

	# Allgemein Zugriff auf temporäre Dateien o.ä. und sonstige generell nicht sinnvolle Dateien verhinden
	<FilesMatch "(\.(bak\|config\|sql\|fla\|psd\|ini\|log\|sh\|inc\|swp\|dist\|txt)\|~)$">
	Order allow,deny
	Deny from all
	Satisfy All
	</FilesMatch>

	# Zugriff auf die robots.txt wieder erlauben
	# (ist über die obige Regel automatisch mit ausgeschlossen worden)
	<Files robots.txt>
	Order allow,deny
	Allow from all
	</Files>

	# Zugriff auf htaccess und htpasswd verhindern
	<Files ~ "^[\._]ht">
	Order Allow,Deny
	Deny from all
	Satisfy All
	</Files>

	# Zugriff auf diverse WordPress-Dateien verhindern
	<FilesMatch "(wp-config.php\|wp-config-sample.php\|liesmich.html\|readme.html)">
	Order allow,deny
	Deny from all
	Satisfy All
	</FilesMatch>

	# Zugriff auf die install.php verhindern
	# auskommentieren, um die Installation von Wordpress auszuführen
	<Files install.php>
	Order allow,deny
	Deny from all
	Satisfy All
	</Files>

	# Zugriff auf die XML-RPC-Schnittstelle verhindern
	# Diesen Teil nur aktivieren/nutzen, wenn die XML-RPC-Schnittstelle nicht benötigt wird.
	<Files xmlrpc.php>
	Order Allow,Deny
	Deny from all
	</Files>

	# Includes-Dateien ausschließen
	# Auchtung bei Benutzung in Multisite-Umgebungen!
	# See: http://codex.wordpress.org/Hardening_WordPress#Securing_wp-admin
	<IfModule mod_rewrite.c>
	RewriteEngine On
	# RewriteBase muss ggf. angepasst werden, je nach Serverkonfiguration
	RewriteBase /
	RewriteRule ^wp-admin/includes/ - [F,L]
	RewriteRule !^wp-includes/ - [S=3]
	RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
	RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
	RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
	RewriteRule ^wp-includes/theme-compat/ - [F,L]
	</IfModule>

	# Header mit Versionsinfos deaktivieren
	<IfModule mod_headers.c>
	Header unset X-Powered-By
	Header unset X-Pingback
	Header unset SERVER
	</IfModule>

	# PHP im Uploads-Verzeiochnis verhindern
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteBase /
	RewriteRule ^(wp-content/uploads/.+.php)$ $1 [H=text/plain]
	</IfModule>