My site got hacked and a bunch of links in a spammer-created /up
sub-directory are getting a lot of hits.
I have cleared out the mess (a .htaccess
rewrite and a wp-stat.php
file, and now I would like to ignore/forbid all requests to the /up
directory.
Currently I have a simple wordpress created .htaccess, but can't find a way of trapping requests to /up
before the rewrite rules take over and give a 404 page from my wordpress theme.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
You can replace your current code by this one
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/up(/.*|$) [NC]
RewriteRule ^ - [F]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
</IfModule>
This will forbid all /up
urls
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.