# This file is automatically generated by WP Toolkit. # Please do not modify the contents of this file, because this can lead to reduced security or malfunctioning of your website. # If the file was accidentally modified or otherwise damaged, you can regenerate it by deleting it and reapplying all security # measures for this site in WP Toolkit UI. # "Block access to wp-config.php" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Block access to xmlrpc.php" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Block directory browsing" # To remove this rule, revert this security measure on each WordPress installation on this domain Options -Indexes # "Block author scans" # To remove this rule, revert this security measure for WordPress installation #30 RewriteEngine on RewriteCond %{QUERY_STRING} author=\d+ RewriteCond %{REQUEST_FILENAME} "!^/home/fhbhealt/public_html/test/wp\-admin/" [NC] RewriteRule .* - [F,L] # "Forbid execution of PHP scripts in the wp-content/uploads directory" # To remove this rule, revert this security measure for WordPress installation #31 Require all denied # "Enable hotlink protection" # To remove this rule, turn off this feature for WordPress installation #31 RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https?://(.*\.)?fhb.health.gov.lk(:|/|$) [NC] RewriteCond %{HTTP_REFERER} !^https?://(.*\.)?fhb.health.gov.lk.66-85-158-91.cpanel.site(:|/|$) [NC] RewriteCond %{HTTP_REFERER} !^https?://(.*\.)?google.com(:|/|$) [NC] RewriteRule \.(gif|png|jpeg|jpg|svg)$ "/home/fhbhealt/public_html/wpt\-hotlinked\-image\-stub\.png" [NC] RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteRule .* - [NC,F,L] # "Forbid execution of PHP scripts in the wp-includes directory" # To remove this rule, revert this security measure for WordPress installation #31 RewriteEngine on RewriteCond %{REQUEST_FILENAME} "!^/home/fhbhealt/public_html/wp\-includes/js/tinymce/wp\-tinymce\.php$" [NC] RewriteRule .* - [NC,F,L] # "Disable scripts concatenation for WordPress admin panel" # To remove this rule, revert this security measure for WordPress installation #31 Require all denied # "Block author scans" # To remove this rule, revert this security measure for WordPress installation #31 RewriteEngine on RewriteCond %{QUERY_STRING} author=\d+ RewriteCond %{REQUEST_FILENAME} "!^/home/fhbhealt/public_html/wp\-admin/" [NC] RewriteRule .* - [F,L] # "Block access to sensitive files" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Block access to potentially sensitive files" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Disable PHP execution in cache directories" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Block access to .htaccess and .htpasswd" # To remove this rule, revert this security measure on each WordPress installation on this domain Require all denied # "Enable bot protection" # To remove this rule, revert this security measure on each WordPress installation on this domain RewriteEngine on RewriteCond %{HTTP_USER_AGENT} "(?:acunetix|BLEXBot|domaincrawler\\.com|LinkpadBot|MJ12bot/v|majestic12\\.co\\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\\s+Link\\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests)" [NC] RewriteRule .* - [F,L]