RewriteEngine On ######################################## # 🚫 CHẶN TẤT CẢ BOT SCAN FILE PHP KHÔNG TỒN TẠI ######################################## # Nếu request .php mà file không tồn tại -> trả về 403 RewriteCond %{REQUEST_URI} \.php$ [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* - [F,L] ######################################## # 🚫 CHẶN .ENV, vendor ######################################## RewriteRule (^|/)\.env - [F,L] RewriteRule ^vendor/ - [F,L] RewriteCond %{REQUEST_URI} ^/wp-json/wp/v2/users$ [NC] RewriteRule .* - [F,L] ######################################## # BLOCK BAD BOTS ######################################## RewriteCond %{HTTP_USER_AGENT} (curl|wget|python|scrapy|httpclient|aiohttp|okhttp|java|node-fetch|go-http-client|postmanruntime|axios|sqlmap|nikto|libwww-perl|perl|headless|puppeteer) [NC] RewriteCond %{HTTP_USER_AGENT} !Googlebot [NC] RewriteCond %{HTTP_USER_AGENT} !Bingbot [NC] RewriteRule .* - [F,L] ######################################## # BLOCK NON-VN FOR ADMIN (SAFE) ######################################## RewriteCond %{REQUEST_URI} ^/wp-login\.php$ [OR] RewriteCond %{REQUEST_URI} ^/wp-admin(/.*)?$ RewriteCond %{REMOTE_ADDR} !^14\. RewriteCond %{REMOTE_ADDR} !^27\. RewriteCond %{REMOTE_ADDR} !^42\. RewriteCond %{REMOTE_ADDR} !^49\. RewriteCond %{REMOTE_ADDR} !^58\.(8|14|16|18|22|23|186|187)\. RewriteCond %{REMOTE_ADDR} !^59\.153\. RewriteCond %{REMOTE_ADDR} !^101\.96\. RewriteCond %{REMOTE_ADDR} !^103\. RewriteCond %{REMOTE_ADDR} !^113\. RewriteCond %{REMOTE_ADDR} !^115\. RewriteCond %{REMOTE_ADDR} !^116\.96\. RewriteCond %{REMOTE_ADDR} !^117\. RewriteCond %{REMOTE_ADDR} !^118\.69\. RewriteCond %{REMOTE_ADDR} !^119\. RewriteCond %{REMOTE_ADDR} !^120\.72\. RewriteCond %{REMOTE_ADDR} !^125\.212\. RewriteCond %{REMOTE_ADDR} !^171\. RewriteCond %{REMOTE_ADDR} !^175\. RewriteCond %{REMOTE_ADDR} !^180\. RewriteCond %{REMOTE_ADDR} !^183\. RewriteCond %{REMOTE_ADDR} !^203\. RewriteRule ^ - [F,L] ######################################## # WORDPRESS PERMALINKS ######################################## RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] - igreen.com.vn
Call Now Button