Home / admin / Block common exploit
  • How to Block common exploit

    no thumbnail sorry: Block common exploit

    Adding this code to your .HTACCESS will block common exploits.

    ( click code to copy )

    wordpress snippet : PHP

    <>
    RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).* [NC]
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ ///.*\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\?\=?(http|ftp|ssl|https):/.*\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\?\?.*\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\.(asp|ini|dll).*\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\.(htpasswd|htaccess|aahtpasswd).*\ HTTP/ [NC]
    RewriteRule .* - [F,NS,L]
    

    ( WordPress codex functions, hooks, in this snippet. )

    request, wp,
  • Can you please elaborate more. What type of exploits, we can block. How can we block a specific exploit, about which know.
    Please tell me.
    Thanks

    • This snippet does a range of things, including denies POST request with wrong content type and denies requests that dont contain a HTTP HOST Header also specific file types from being viewed. etc, If you are not familiar with htaccess make sure you backup your original file first.