apache_conf WordPress的安全性
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了apache_conf WordPress的安全性相关的知识,希望对你有一定的参考价值。
## Start Security ##
<Files wp-config.php>
order allow,deny
deny from all
</Files>
<Files wp-login.php>
AuthType Basic
AuthName "IP not in whitelist, please login"
AuthUserFile "/home/heere/domains/heere.biz/.htpasswd/.htpasswd"
Require valid-user
ErrorDocument 401 "Authorisation Required"
order deny,allow
deny from all
allow from 87.213.97.46 localhost 127.0.0.1
Satisfy any
</Files>
# Block the include-only files.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
# Block enumerating users
RewriteCond %{REQUEST_URI} !^/wp/wp-admin [NC]
RewriteCond %{QUERY_STRING} ^author=\d+ [NC,OR]
RewriteCond %{QUERY_STRING} ^author=\{num
RewriteRule ^ - [L,R=403]
</IfModule>
# protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>
## End Security ##
以上是关于apache_conf WordPress的安全性的主要内容,如果未能解决你的问题,请参考以下文章
apache_conf Wordpress快速减少垃圾和安全性......
apache_conf .htaccess为WordPress考虑安全性
apache_conf WordPress安全
apache_conf 使用这些.htaccess添加更安全的WordPress
apache_conf 使用这些.htaccess添加更安全的WordPress
apache_conf 使用这些.htaccess添加更安全的WordPress