I own a WordPress site, and I have DDoS Attack on /wp-login.php. What I am trying to do, is to restrict the access to this file with mod_rewrite, but with no luck.
More specific, what I am trying to do, is to allow access for this file, only to users using the keywork google in the query string. If the keyword does not exists, then I like to redirect the user to google web site.
Example:
- Allow : http://www.my-site.ext/wp-login.php?google
- Redirect : http://www.my-site.ext/wp-login.php to http://www.google.com
The htaccess I am using is the following, but it seem that not works:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILE} \/wp\-login\.php
RewriteCond %{QUERY_STRING} !google
RewriteRule (.*) http://www.google.com/ [R=301,L]
</IfModule>
How can I rewrite this rule, in order to allow the above functionality to work ?
Note: I have try the above rules without the first RewriteCond that check for the requested file name, and the redirection to google is prerformed normaly, but what I like to do is to limit the redirection only for the wp-login.php
Kind regards