.htaccess rules for Wordpress in subdirectory2019 Community Moderator Electionhtaccess rewrite to include #!Overriding FilesMatch in subdirectoryEditing .htaccess for a Wordpress install in a subdirectoryRedirect 301 .htaccess not workingPermalinks do not work on Wordpress + centos7Wordpress homepage not going to index.phpInfinite loop old index file old WP installation to NewMultiple languages + Htaccesswordpress multi site sub directory open force with wwwset domain to subdirectory and subdomain to root directory
Examples of a statistic that is not independent of sample's distribution?
A three room house but a three headED dog
How did Alan Turing break the enigma code using the hint given by the lady in the bar?
How to create a hard link to an inode (ext4)?
How much stiffer are 23c tires over 28c?
What to do when during a meeting client people start to fight (even physically) with each others?
What is the chance of making a successful appeal to dismissal decision from a PhD program after failing the qualifying exam in the 2nd attempt?
Does splitting a potentially monolithic application into several smaller ones help prevent bugs?
How much attack damage does the AC boost from a shield prevent on average?
How do I locate a classical quotation?
Is having access to past exams cheating and, if yes, could it be proven just by a good grade?
The bar has been raised
They call me Inspector Morse
BitNot does not flip bits in the way I expected
Do Bugbears' arms literally get longer when it's their turn?
Who deserves to be first and second author? PhD student who collected data, research associate who wrote the paper or supervisor?
How do I express some one as a black person?
Upside Down Word Puzzle
Why would one plane in this picture not have gear down yet?
Do I really need to have a scientific explanation for my premise?
Aliens englobed the Solar System: will we notice?
Why does Captain Marvel assume the planet where she lands would recognize her credentials?
Does "variables should live in the smallest scope as possible" include the case "variables should not exist if possible"?
Why is there a voltage between the mains ground and my radiator?
.htaccess rules for Wordpress in subdirectory
2019 Community Moderator Electionhtaccess rewrite to include #!Overriding FilesMatch in subdirectoryEditing .htaccess for a Wordpress install in a subdirectoryRedirect 301 .htaccess not workingPermalinks do not work on Wordpress + centos7Wordpress homepage not going to index.phpInfinite loop old index file old WP installation to NewMultiple languages + Htaccesswordpress multi site sub directory open force with wwwset domain to subdirectory and subdomain to root directory
I use such .htaccess rules to hardening wordpress and redirect to https:
# Block IPS for login
<Files "wp-login.php">
Require all denied
Require ip xxx.xx.xx.xx
Require ip xxx.xx.xx.xx
</Files>
#Protect wp-config
<Files "wp-config.php">
Require all denied
</Files>
# Prevent directory browsing
Options All -Indexes
# Protect htaccess
<FilesMatch "^.*.([Hh][Tt][Aa])">
Require all denied
</FilesMatch>
# Block Includes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
# Block xmlrpc.php
<Files "xmlrpc.php">
Require all denied
</Files>
# Security related. Block browser access to log files
<Files ~ ".log$">
Require all denied
</Files>
# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>
RewriteEngine On
RewriteCond %HTTP_HOST ^domainname.lt$ [NC]
RewriteRule ^(.*)$ https://www.domainname.com/$1 [R=301,L]
RewriteCond %HTTPS !^on$
RewriteRule .* https://%SERVER_NAME%REQUEST_URI [R=301,L]
WordPress is installed on the main directory. Now we plan to install second wordpres blog in a subfolder (public_html/de). New installation will have its own .htaccess file. Do we need same hardening rules for this new wordpress installation or it is enough to have hardening rules in the main folder?
php wordpress .htaccess hardening
asked Mar 6 at 16:27
UgenijusUgenijus
203
add a comment |
I use such .htaccess rules to hardening wordpress and redirect to https:
# Block IPS for login
<Files "wp-login.php">
Require all denied
Require ip xxx.xx.xx.xx
Require ip xxx.xx.xx.xx
</Files>
#Protect wp-config
<Files "wp-config.php">
Require all denied
</Files>
# Prevent directory browsing
Options All -Indexes
# Protect htaccess
<FilesMatch "^.*.([Hh][Tt][Aa])">
Require all denied
</FilesMatch>
# Block Includes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
# Block xmlrpc.php
<Files "xmlrpc.php">
Require all denied
</Files>
# Security related. Block browser access to log files
<Files ~ ".log$">
Require all denied
</Files>
# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>
RewriteEngine On
RewriteCond %HTTP_HOST ^domainname.lt$ [NC]
RewriteRule ^(.*)$ https://www.domainname.com/$1 [R=301,L]
RewriteCond %HTTPS !^on$
RewriteRule .* https://%SERVER_NAME%REQUEST_URI [R=301,L]
WordPress is installed on the main directory. Now we plan to install second wordpres blog in a subfolder (public_html/de). New installation will have its own .htaccess file. Do we need same hardening rules for this new wordpress installation or it is enough to have hardening rules in the main folder?
php wordpress .htaccess hardening
asked Mar 6 at 16:27
UgenijusUgenijus
203
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58
add a comment |
I use such .htaccess rules to hardening wordpress and redirect to https:
# Block IPS for login
<Files "wp-login.php">
Require all denied
Require ip xxx.xx.xx.xx
Require ip xxx.xx.xx.xx
</Files>
#Protect wp-config
<Files "wp-config.php">
Require all denied
</Files>
# Prevent directory browsing
Options All -Indexes
# Protect htaccess
<FilesMatch "^.*.([Hh][Tt][Aa])">
Require all denied
</FilesMatch>
# Block Includes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
# Block xmlrpc.php
<Files "xmlrpc.php">
Require all denied
</Files>
# Security related. Block browser access to log files
<Files ~ ".log$">
Require all denied
</Files>
# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>
RewriteEngine On
RewriteCond %HTTP_HOST ^domainname.lt$ [NC]
RewriteRule ^(.*)$ https://www.domainname.com/$1 [R=301,L]
RewriteCond %HTTPS !^on$
RewriteRule .* https://%SERVER_NAME%REQUEST_URI [R=301,L]
WordPress is installed on the main directory. Now we plan to install second wordpres blog in a subfolder (public_html/de). New installation will have its own .htaccess file. Do we need same hardening rules for this new wordpress installation or it is enough to have hardening rules in the main folder?
php wordpress .htaccess hardening
asked Mar 6 at 16:27
UgenijusUgenijus
203
I use such .htaccess rules to hardening wordpress and redirect to https:
# Block IPS for login
<Files "wp-login.php">
Require all denied
Require ip xxx.xx.xx.xx
Require ip xxx.xx.xx.xx
</Files>
#Protect wp-config
<Files "wp-config.php">
Require all denied
</Files>
# Prevent directory browsing
Options All -Indexes
# Protect htaccess
<FilesMatch "^.*.([Hh][Tt][Aa])">
Require all denied
</FilesMatch>
# Block Includes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
# Block xmlrpc.php
<Files "xmlrpc.php">
Require all denied
</Files>
# Security related. Block browser access to log files
<Files ~ ".log$">
Require all denied
</Files>
# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>
RewriteEngine On
RewriteCond %HTTP_HOST ^domainname.lt$ [NC]
RewriteRule ^(.*)$ https://www.domainname.com/$1 [R=301,L]
RewriteCond %HTTPS !^on$
RewriteRule .* https://%SERVER_NAME%REQUEST_URI [R=301,L]
WordPress is installed on the main directory. Now we plan to install second wordpres blog in a subfolder (public_html/de). New installation will have its own .htaccess file. Do we need same hardening rules for this new wordpress installation or it is enough to have hardening rules in the main folder?
php wordpress .htaccess hardening
php wordpress .htaccess hardening
asked Mar 6 at 16:27
UgenijusUgenijus
203
asked Mar 6 at 16:27
UgenijusUgenijus
203
edited Mar 7 at 14:04
Ugenijus
asked Mar 6 at 16:27
UgenijusUgenijus
203
asked Mar 6 at 16:27
UgenijusUgenijus
203
asked Mar 6 at 16:27
UgenijusUgenijus
203
203
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58
add a comment |
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58
add a comment |
1 Answer
1
active
oldest
votes
I think you need use
RewriteOptions inherit to use the parent's inheritance
Something else :
You do not use the comments # BEGIN WordPress and #END wordpress so that wordpress when regenerating your htacces does not overwrite your overload?
answered Mar 6 at 16:48
Pixel onlinePixel online
205
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027857%2fhtaccess-rules-for-wordpress-in-subdirectory%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I think you need use
RewriteOptions inherit to use the parent's inheritance
Something else :
You do not use the comments # BEGIN WordPress and #END wordpress so that wordpress when regenerating your htacces does not overwrite your overload?
answered Mar 6 at 16:48
Pixel onlinePixel online
205
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
add a comment |
I think you need use
RewriteOptions inherit to use the parent's inheritance
Something else :
You do not use the comments # BEGIN WordPress and #END wordpress so that wordpress when regenerating your htacces does not overwrite your overload?
answered Mar 6 at 16:48
Pixel onlinePixel online
205
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
add a comment |
I think you need use
RewriteOptions inherit to use the parent's inheritance
Something else :
You do not use the comments # BEGIN WordPress and #END wordpress so that wordpress when regenerating your htacces does not overwrite your overload?
answered Mar 6 at 16:48
Pixel onlinePixel online
205
I think you need use
RewriteOptions inherit to use the parent's inheritance
Something else :
You do not use the comments # BEGIN WordPress and #END wordpress so that wordpress when regenerating your htacces does not overwrite your overload?
answered Mar 6 at 16:48
Pixel onlinePixel online
205
answered Mar 6 at 16:48
Pixel onlinePixel online
205
answered Mar 6 at 16:48
Pixel onlinePixel online
205
answered Mar 6 at 16:48
Pixel onlinePixel online
205
205
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
add a comment |
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
Yes of course htaccess contains such rules Main site : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /index.php [L] </IfModule> # END WordPress New site: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /de/ RewriteRule ^index.php$ - [L] RewriteCond %REQUEST_FILENAME !-f RewriteCond %REQUEST_FILENAME !-d RewriteRule . /de/index.php [L] </IfModule> # END WordPress"
– Ugenijus
Mar 6 at 17:00
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027857%2fhtaccess-rules-for-wordpress-in-subdirectory%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
to just rewrite from http to https, you should use Redirect (httpd.apache.org/docs/current/rewrite/avoid.html). Furthermore directives in .htaccess also apply to sub directories
– Natha
Mar 6 at 16:58