Protegendo seu WordPress via .htaccess


1. Acesse o cPanel;
2. Na seção “#arquivos”, clique no item Gerenciador de Arquivos;
3. Se você enxergar as pastas etc, logs ou mail, acesse a pasta public_html ou o diretório onde está instalado o seu WordPress;
4. No topo direito, clique em Configurações, marque a opção Mostrar arquivos ocultos (dotfiles) e clique em Save;
5. Antes de editar, faça uma cópia de segurança do .htaccess: um erro de sintaxe nesse arquivo derruba o site inteiro com erro 500. Em seguida, edite o arquivo .htaccess e adicione as seguintes linhas no final do arquivo:
 
 <IfModule mod_rewrite.c>
 
     RewriteCond %{REQUEST_METHOD} !^(GET|POST|HEAD) [NC]
     RewriteRule ^(.*)$ - [F]
     
     RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
     RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
     RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
     RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
     RewriteCond %{QUERY_STRING} ftp\:  [NC,OR]
     RewriteCond %{QUERY_STRING} http\:  [NC,OR]
     RewriteCond %{QUERY_STRING} https\:  [NC,OR]
     RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
     RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
     RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
     RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
     RewriteCond %{QUERY_STRING} ^.*(127\.0).* [NC,OR]
     RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
     RewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC]
     RewriteCond %{QUERY_STRING} !^loggedout=true
     RewriteCond %{QUERY_STRING} !^action=jetpack-sso
     RewriteCond %{QUERY_STRING} !^action=rp
     RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
     RewriteCond %{HTTP_REFERER} !^http://maps\.googleapis\.com(.*)$
     RewriteRule ^(.*)$ - [F]
 
 </IfModule>
 
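# --- Path-based blocks (mod_alias) -----------------------------------------
# RedirectMatch tests the request's URL path (not the query string) and
# answers 403. These patterns are scanner/exploit signatures and several are
# very broad: the fifth rule rejects any path containing a comma, "...",
# "+++" or "|", and "localhost" or "base64" anywhere in a path is refused
# too. Check that none of your own URLs (theme/plugin assets, uploads) match
# before relying on this list.
<IfModule mod_alias.c>
    # Absolute URLs or php:// wrappers embedded in the path
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
    RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
    # File types WordPress never serves directly (dumps, configs, binaries)
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    # Installer/registration scripts. wp-admin/install.php matches as well,
    # which is intended once the site has been installed.
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    # Only host-meta is blocked; /.well-known/acme-challenge/ (used for
    # Let's Encrypt validation) is unaffected.
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    # Dot escaped: the original "/playing.php" also matched e.g. /playingXphp
    RedirectMatch 403 /playing\.php
    RedirectMatch 403 muieblackcat
</IfModule>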
 
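# --- Static IP denylist ------------------------------------------------------
# Addresses inherited from the original article. IP addresses are reassigned
# over time and attackers rotate sources, so this list blocks very little by
# now; keep an entry only if your own access logs still justify it.
# The original wrapped these directives in <IfModule mod_setenvif.c>, which
# has nothing to do with Order/Allow/Deny: on Apache 2.4 without
# mod_access_compat those directives are unknown and every request fails with
# a 500. Use the version-specific syntax instead, like the FilesMatch block
# further down in this file.

# Apache >= 2.3
<IfModule mod_authz_core.c>
    <RequireAll>
        Require all granted
        Require not ip 123.151.39
        Require not ip 77.172.210
        Require not ip 174.94.131
        Require not ip 89.238.137.59
        Require not ip 212.90.148.101
        Require not ip 91.207.61.129
        Require not ip 202.46.52.120
        Require not ip 128.73.60.194
        Require not ip 68.108.17.141
        Require not ip 27.54.93.178
        Require not ip 194.9.94.213
        Require not ip 122.166.169.127
        Require not ip 96.9.163.49
        Require not ip 54.229.73.40
        Require not ip 203.109.158.201
        Require not ip 46.105.113.8
        Require not ip 183.60.244
        Require not ip 54.232.102.193
        Require not ip 195.157.124.186
        Require not ip 118.39.113.219
        Require not ip 27.255.56.87
        Require not ip 69.161.138.1
        Require not ip 192.96.204.42
        Require not ip 178.63.52.200
        Require not ip 27.252.92.103
        Require not ip 37.59.65.58
        Require not ip 186.202.126.94
        Require not ip 186.213.72.146
        Require not ip 186.219.44.6
    </RequireAll>
</IfModule>

# Apache < 2.3
<IfModule !mod_authz_core.c>
    Order Allow,Deny
    Allow from all
    Deny from 123.151.39.
    Deny from 77.172.210.
    Deny from 174.94.131.
    Deny from 89.238.137.59
    Deny from 212.90.148.101
    Deny from 91.207.61.129
    Deny from 202.46.52.120
    Deny from 128.73.60.194
    Deny from 68.108.17.141
    Deny from 27.54.93.178
    Deny from 194.9.94.213
    Deny from 122.166.169.127
    Deny from 96.9.163.49
    Deny from 54.229.73.40
    Deny from 203.109.158.201
    Deny from 46.105.113.8
    Deny from 183.60.244.
    Deny from 54.232.102.193
    Deny from 195.157.124.186
    Deny from 118.39.113.219
    Deny from 27.255.56.87
    Deny from 69.161.138.1
    Deny from 192.96.204.42
    Deny from 178.63.52.200
    Deny from 27.252.92.103
    Deny from 37.59.65.58
    Deny from 186.202.126.94
    Deny from 186.213.72.146
    Deny from 186.219.44.6
</IfModule>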
 
# --- Host / User-Agent denylist (mod_rewrite) ------------------------------
# 403 for a handful of spoofed Host headers and scanner/scraper User-Agents.
# Note that "ia_archiver" is the User-Agent of the Internet Archive crawler
# and "spam" is a bare substring, so both are policy choices rather than
# security measures. User-Agent is attacker-controlled: tools such as sqlmap
# simply change it, so this only stops default-configured scans.
<IfModule mod_rewrite.c>
    RewriteCond %{HTTP_USER_AGENT} (ia_archiver|g00g1e|seekerspider|siclab|spam|sqlmap) [NC,OR]
    RewriteCond %{HTTP_HOST} g00g1e [NC,OR]
    RewriteCond %{HTTP_HOST} kanagawa\.ocn [NC,OR]
    RewriteCond %{HTTP_HOST} s368\.loopia\.se [NC,OR]
    RewriteCond %{HTTP_HOST} (.*)\.crimea\.com [NC]
    RewriteRule .* - [F,L]
</IfModule>
 
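# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Protect WordPress sensitive files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# wp-config.php holds the database credentials and authentication keys.
# PHP normally never serves its source, but if the PHP handler is ever
# misconfigured the file would be downloadable as plain text, so deny it to
# every client regardless. Backup copies (.bak, ~, .swp, ...) are handled by
# the FilesMatch block further down. Uses the same Apache 2.2/2.4 dual
# syntax as that block so it works whether or not mod_access_compat is loaded.
<Files "wp-config.php">
    # Apache < 2.3
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>

    # Apache >= 2.3
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
</Files>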
 
# Deny direct requests to PHP files under wp-admin/includes/ and
# wp-includes/. Those files are only meant to be included by WordPress
# itself, never requested from a browser, so a direct hit is either a
# scanner or an attempt to run a file in isolation. Rule order matters here
# because of the S=3 skip, so do not reorder these lines.
<IfModule mod_rewrite.c>
RewriteEngine On
# RewriteBase only affects relative substitutions; the rules below use "-"
# (no substitution) so it is inert for them. NOTE(review): if WordPress is
# installed in a subdirectory, confirm this does not override a RewriteBase
# set earlier in the same .htaccess by the WordPress block.
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
# Skip the next three rules unless the path starts with wp-includes/
RewriteRule !^wp-includes/ - [S=3]
# Any .php directly inside wp-includes/ (not in subfolders).
# NOTE(review): WordPress multisite is reported to need ms-files.php
# reachable here - confirm before keeping this rule on a multisite install.
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
# PHP files in the TinyMCE language folder
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
# Everything under theme-compat/
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
 
# Deny every file that looks like a backup, editor swap file or config
# leftover: names wrapped in "#...#" (editor autosaves), names ending in "~",
# and the listed extensions (.bak, .conf, .dist, .fla, .inc/.ini, .log,
# .psd, .sh, .sql, .swo/.swp). Such copies of wp-config.php or database
# dumps are otherwise served as plain text. Dual syntax for Apache 2.2/2.4.
<FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$">
    # Apache >= 2.3 (mod_authz_core)
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>

    # Apache < 2.3 (mod_authz_host)
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy All
    </IfModule>
</FilesMatch>
 
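# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Remove server information / response hardening
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# ServerTokens cannot be set from .htaccess (server config only), so the
# "Server:" header itself is up to the hosting provider; ServerSignature Off
# only removes the version footer from Apache-generated error pages.
ServerSignature Off

<IfModule mod_autoindex.c>
    # No directory listings for folders without an index file (e.g. uploads).
    # Requires AllowOverride Options (or All); if the host does not allow it,
    # Apache answers 500 for every request.
    Options -Indexes
</IfModule>

<IfModule mod_headers.c>
    # X-Powered-By is added by PHP. "Header unset" alone only touches 2xx
    # responses; the "always" form also covers error responses.
    # (expose_php = Off in php.ini stops PHP from adding it at all.)
    Header unset X-Powered-By
    Header always unset X-Powered-By

    # "always" so that 403/404/redirect responses carry nosniff as well;
    # plain "Header set" applies to successful (2xx) responses only.
    Header always set X-Content-Type-Options "nosniff"

    # Disable ETags (see FileETag None below); caches fall back to
    # Last-Modified.
    Header unset ETag
</IfModule>

FileETag None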
 
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Block bad scans
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
<IfModule mod_rewrite.c>
    # "revslider" anywhere in the path or query string, presumably probes
    # for old Slider Revolution vulnerabilities. CAUTION: if a plugin whose
    # directory name contains "revslider" is actually installed, the
    # REQUEST_URI condition also blocks that plugin's own public assets -
    # drop that condition in that case.
    RewriteCond %{REQUEST_URI} revslider [NC,OR]
    RewriteCond %{QUERY_STRING} revslider [NC]
    RewriteRule .* - [F,L]

    # Scanner signature: a full google.com/humans.txt URL passed as the
    # query string.
    RewriteCond %{QUERY_STRING} http\:\/\/www\.google\.com\/humans\.txt\? [NC]
    RewriteRule .* - [F,L]
</IfModule>
 
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow cross-origin web fonts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Browsers refuse to use a font loaded from another origin (e.g. a CDN or
# a second domain of the same site) unless the font response carries
# Access-Control-Allow-Origin. The wildcard is acceptable here only because
# it is restricted to static font files, which carry no user data; do not
# widen this FilesMatch to other content types.
<IfModule mod_headers.c>
    <FilesMatch "\.(eot|otf|tt[cf]|woff2?)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
</IfModule>
 
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Legacy Internet Explorer headers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Both headers below only ever mattered to Internet Explorer. They are
# harmless for other browsers but add nothing to security; keep or drop as
# you prefer.
<IfModule mod_headers.c>
    # Ask IE to use its newest rendering engine. Only meaningful on HTML,
    # so it is removed again from static assets by the FilesMatch below.
    Header set X-UA-Compatible "IE=edge"

    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
        Header unset X-UA-Compatible
    </FilesMatch>

    # P3P compact privacy policy, read only by old IE versions when deciding
    # whether to accept third-party cookies. The referenced /w3c/p3p.xml is
    # not created by this guide.
    Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
</IfModule>

6. Salve o arquivo clicando no botão Salvar Alterações no canto superior direito. Em seguida, teste o site como visitante e como usuário logado (login, busca, formulários e o painel), pois várias regras acima bloqueiam palavras comuns na query string (por exemplo “union” ou “insert” numa busca) e também os métodos PUT, DELETE e OPTIONS; se surgir um erro 500 ou um 403 inesperado, restaure a cópia de segurança e remova a regra responsável.
