[英]Hide wp-admin and wp-login.php from .htaccess
I have the following in my .htaccess file 我的.htaccess文件中包含以下内容
RewriteRule ^(/)?access/?$ /wp-login.php [QSA,L]
RewriteRule ^(/)?register/?$ /wplogin?action=register [QSA,L]
RewriteRule ^wp-admin$ http://www.mywebsite.com/404.php [R=301,L]
RewriteRule ^wp-login\.php$ http://www.mywebsite.com/404.php [R=301,L]
The problem is i achieved what i wanted...which is users not seeing the hideous "wp-login.php ............" in the browser also for security reasons i wanted to hide wp-admin. 问题是我达到了我想要的...这是用户出于安全原因也不想在浏览器中看到可怕的“ wp-login.php ............”的原因,我想隐藏wp-管理员。
But what happens is that the bottom rules overwrite whats at the top...once i remove the comments from the two last lines of code the login buttons go to the 404 page. 但是发生的是,底部规则覆盖了顶部的内容...一旦我从登录按钮转到404页的最后两行代码中删除了注释,就可以了。 I know it is possible to achieve what i want because ithemes did it with their plugin but because there are compatibility issues with it and my theme i have to stop using it but i want the feature to keep hiding "wp-admin" and "wp-login.php" without preventing www.mywebsite.com/access and www.mywebsite.com/register from working. 我知道可以实现我想要的功能,因为ithemes用插件完成了它,但是因为它存在兼容性问题,我的主题我不得不停止使用它,但是我希望该功能始终隐藏“ wp-admin”和“ wp” -login.php”,而不会阻止www.mywebsite.com/access和www.mywebsite.com/register正常工作。
regards 问候
Try replacing those 2 rules with: 尝试将以下2条规则替换为:
RewriteCond %{THE_REQUEST} \ /+wp-(admin|login)
RewriteRule ^ /404.php [L,R=404]
If you match against the %{THE_REQUEST}
variable, you'll match only what the browser requested, not what's been internally rewritten. 如果与%{THE_REQUEST}
变量匹配,则仅匹配浏览器所请求的内容,而不匹配内部重写的内容。
Maybe you should try this code for your .htaccess file 也许您应该为您的.htaccess文件尝试此代码
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !^(.*)admin-ajax\.php
RewriteCond %{HTTP_REFERER} !^(.*)DOMAIN/wp-admin
RewriteCond %{HTTP_REFERER} !^(.*)DOMAIN/wp-login\.php
RewriteCond %{QUERY_STRING} !^KEY
RewriteCond %{QUERY_STRING} !^action=logout
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{QUERY_STRING} !^action=postpass
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^.*wp-admin/?|^.*wp-login\.php/not_found[R,L]
RewriteCond %{QUERY_STRING} ^loggedout=true
RewriteRule ^$/wp-login.php?KEY[R,L]
</IfModule>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.