From bb16c54a21dff0cc9efef4f10b7ef65a0b5a6e5b Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Thu, 26 Aug 2021 15:39:19 +0100
Subject: [PATCH] Harden htaccess for /wp-includes/ direct access

---
 docker/htaccess | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docker/htaccess b/docker/htaccess
index d891492c..ddf02818 100644
--- a/docker/htaccess
+++ b/docker/htaccess
@@ -27,6 +27,13 @@ RewriteRule ^gallery/[0-9]+/(.*)$ wp-includes/ms-files.php?file=2010/08/$1 [L]
 RewriteRule ^resource/[^/]+/preview/(.*)$ wp-includes/ms-files.php?file=2010/08/$1 [L]
 RewriteRule ^resource/[^/]+/download/(.*)$ wp-includes/ms-files.php?file=2010/08/$1 [L]
 
+# hardening of wp-includes
+RewriteRule ^wp-admin/includes/ - [F,L]
+RewriteRule !^wp-includes/ - [S=3]
+RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
+RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
+RewriteRule ^wp-includes/theme-compat/ - [F,L]
+
 # BEGIN WPSuperCache
 <IfModule mod_rewrite.c>
 AddDefaultCharset UTF-8
-- 
GitLab
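Review bot: The added `RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]` also matches `wp-includes/ms-files.php`, which is the target of the gallery/resource rewrites directly above it. If this file is deployed as a per-directory `.htaccess`, the `[L]` on those rewrites causes an internal redirect and the rule set runs again on the rewritten path, so requests for uploaded files would likely be answered with 403 after this change. Either finish those rewrites with `[END]` instead of `[L]` (Apache 2.4), or put `RewriteCond %{ENV:REDIRECT_STATUS} ^$` in front of the new rule so it only rejects requests that arrive directly from a client. The rest of the file is outside the hunk, so an earlier exemption cannot be ruled out. Separately, `[S=3]` relies on exactly three rules following it, and a short comment saying so would help whoever edits this block next.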