1

我正在清理一些东西并制作一些通用文件,以便在需要时可以将它们从书架上拿走。但我有一个 .htaccess 问题。

问题 #1 [@Kanu 回答]

在文件的开头我有:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

此外,我还有一个阻止盗链的片段:

#Switch on rewrite engine
RewriteEngine on
#Allow empty referrals, in case visitors are using personal firewalls
RewriteCond %{HTTP_REFERER} !^$
#Match request URL. Replace www.yourwebsite.com with your website URL
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?www.yourwebsite.com [NC]
#Match all files with the below list of extensions
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

这样做会不会很痛

RewriteEngine On

两次还是可以跳过第二次 RewriteEnginge?这里的最佳做法是什么?

问题 #2: [@Kanu 回答] 另外,我是从 WP 部分开始还是需要以它结束?

我在 htacces 中还做了一些其他事情,比如只授予某些 IP 对管理员的访问权限、保护;htaccess|htpasswd|日志|ini。您是否有更多建议或指示,想想安全性或任何其他漂亮的东西。

谢谢,/保罗

添加时间:2013 年 6 月 14 日

考虑添加这个来阻止垃圾邮件发送者,想法,因为我在一个相对较旧的帖子上发现了这个。

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

通过 HTACCESS 进行规范化,以阻止通过机器人和恶意脚本的恶意行为。也让搜索引擎找到他们的方式。在这里找到这个。 

#favicon
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/favicon.ico$ [NC]
RewriteCond %{REQUEST_URI} /favicon(s)?\.?(gif|ico|jpe?g?|png)?$ [NC]
RewriteRule (.*) http://your-domain-name.com/favicon.ico [R=301,L]

#robots.txt
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots.txt$ [NC]
RewriteCond %{REQUEST_URI} robots\.txt [NC]
RewriteRule .* http://your-domain-name.com/robots.txt [R=301,L]

#sitemap
RedirectMatch 301 /sitemap\.xml$ http://your-domain-name.com/sitemap.xml
RedirectMatch 301 /sitemap\.xml\.gz$ http://your-domain-name.com/sitemap.xml.gz

我将在此处发布完整的 .htaccess 文件并更新任何好东西以供使用。

# ==================================================================
# WORDPRESS
# ==================================================================

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

# ==================================================================
# RESTRICT ACCESS IP BASED
# ==================================================================

    order deny,allow
    # enter name here and replace xxx.xxx.x.x with IP
    allow from xxx.xxx.x.x
    # enter name here and replace xxx.xxx.x.x with IP
    allow from xxx.xxx.x.x
    # enter name here and replace xxx.xxx.x.x with IP
    allow from xxx.xxx.x.x
    deny from all

# ==================================================================
# PROTECT FILES, THANKS KANU: http://stackoverflow.com/users/1089399/kanu
# ==================================================================

    #Protect some files from direct access
    <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|install\.php|php\.info|readme\.html|bb-config\.php|\.htaccess|\.htpasswd|readme\.txt|timthumb\.php|error_log|error\.log|PHP_errors\.log|\.svn)">
    Deny from all
    </FilesMatch>

# ==================================================================
# DISABLE TRACE TRACK REQUESTS, THANKS KANU: http://stackoverflow.com/users/1089399/kanu
# ==================================================================

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]

# ==================================================================
# PREVENT HOTLINKING
# ==================================================================

    #Switch on rewrite engine
    RewriteEngine on
    #Allow empty referrals, in case visitors are using personal firewalls
    RewriteCond %{HTTP_REFERER} !^$
    #Match request URL. Replace www.yourwebsite.com with your website URL
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?www.yourwebsite.com [NC]
    #Match all files with the below list of extensions
    RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

# ==================================================================
# DISABLE DIRECTORY BROWSING
# ==================================================================

    Options All -Indexes

# ==================================================================
# DISABLE SERVER SIGNATURE, THANKS KANU: http://stackoverflow.com/users/1089399/kanu
# ==================================================================   

    ServerSignature Off

# ==================================================================
# DENY SOME KNOWN BAD BOTS, THANKS KANU: http://stackoverflow.com/users/1089399/kanu
# ==================================================================   
    RewriteEngine On 
    RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 
    RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 
    RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] 
    RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 
    RewriteCond %{HTTP_USER_AGENT} ^Zeus 
    RewriteRule ^.* - [F,L]
4

1 回答 1

2

两次声明“RewriteEngine On”不会有什么坏处

对于 Question2 您不需要以 WP 开头或结尾

我正在使用一些额外的代码来保证安全

# Disable server signature 
ServerSignature Off

#Protect some files from direct access
<FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|install\.php|php\.info|readme\.html|bb-config\.php|\.htaccess|readme\.txt|timthumb\.php|error_log|error\.log|PHP_errors\.log|\.svn)">
Deny from all
</FilesMatch>

# Disable trace track requests
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

# Deny some known bad bots
RewriteEngine On 
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Zeus 
RewriteRule ^.* - [F,L]
# END bots
于 2013-06-14T08:52:54.367 回答