WordPress uses. htaccess to prevent CC attack configuration

To solve this problem, we recommend that you use the following methods to protect it.

Save the following content to. htaccess

The code is as follows:	Copy code
<Files wp-login.php> AuthGroupFile/dev/null AuthType Basic AuthUserFile/home/username/. htpasswd AuthName "admin" Require valid-user </Files>

This content is meant to protect the wp-login.php page, requiring that you have to enter a password for access.

Save the above content as a file named. htpasswd and upload it to the user root directory (non-website root directory), that is, the first directory displayed after the FTP Link.

Modify the. htaccess file

Modify the admin in AuthName "admin" to the user name you just set in. htpasswd;

Change username in AuthUserFile/home/username/. htpasswd to your FTP username.

Then open the URL/wp-login.php to test.

Simply put

. Htpasswd Upload to/Directory

. Htaccess is uploaded to the/domains/liurang.com/public_htmldirectory. (if the file already exists, copy the content .)

Attach some other methods

Anti-Leech
The leeching of images may be the biggest headache for many webmasters. If your images are taken for nothing, they will occupy the resources of their websites for free, using htaccess files can also implement anti-Leech functions. The code is as follows:

The code is as follows:	Copy code
RewriteEngine On RewriteCond % {HTTP_REFERER }! ^ Http://domain.com/.#$ [NC] RewriteCond % {HTTP_REFERER }! ^ Http://domain.com $ [NC] RewriteCond % {HTTP_REFERER }! ^ Http://www.domain.com/.#$ [NC] RewriteCond % {HTTP_REFERER }! ^ Http://www.domain.com $ [NC] RewriteRule. *. (gif | jpg | jpeg | png | bmp | swf | mp3 | wav | zip | rar) $ http://www.domain.com/404.html [R, NC]

This code will determine the request referer. If the link is not clicked from this site, it will jump to a 404 page by default. The RewriteRule specifies the file type for anti-Leech protection.

Prevent spam comments
For example, using htaccess can also prevent some spam comments with unknown sources:

The code is as follows:	Copy code
RewriteEngine On RewriteCond % {REQUEST_METHOD} POST RewriteCond % {REQUEST_URI}. Wp-comments-post.php * RewriteCond % {HTTP_REFERER }!. * Domain.com. * [OR] RewriteCond % {HTTP_USER_AGENT} ^ $ RewriteRule (. *) ^ http://domain.com/$ [R = 301, L]

This code determines whether a POST request is sent by a browser (whether HTTP_USER_AGENT is null) and whether the Refer is on this site, as long as any of the conditions is not met, the request is automatically redirected to the home page.

Note: This code only applies to Wordpress. In fact, the framework can modify wp-comments-post to the corresponding URL based on the actual situation.