Jump to content
gogusan

Protejare bruteforce WP .htaccess

Recommended Posts

Un tutorial adresat incepatorilor si nu numai.

Avem un caz de bruteforce attack pe un wordpress.

Vom proteja directorul wp-admin utilizand .htaccess din acesta:

AuthType Basic
AuthName “PROTECTED”
AuthUserFile /calea/catre/.htpasswd
require valid-user

Pentru ca multe pluginuri folosesc un fisier ce se afla in directorul wp-admin si anume admin-ajax.php va trebui sa dam access la fisierul asta.

Vom adauga sub codul de mai sus:

<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
</Files>

.htaccess final (din directorul wp-admin)


#protejam wp-admin
AuthType Basic
AuthName “PROTECTED”
AuthUserFile /calea/catre/.htpasswd
require valid-user

#dam acces la ajax
<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
</Files>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...