Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 05-16-2011, 09:57 AM   #1
Registered: Apr 2006
Location: Atlanta
Distribution: Centos, knoppix, Fedora, Mepis, Zenwalk, Mint
Posts: 142

Rep: Reputation: 16
securing wordpress with htaccess

I have a blog on my site and am using htaccess rewrite rules to block all those nasty scripts from trying to execute various things mostly relating to phpmyadmin and wordpress. This has reduced my httpd error logs to less than half from before.

Am trying to come up with a rule to rewrite all calls to certain files if they are not originating from my domain, here is how it looks right now but it's not working as I can see scripts trying to hit "wp-comments-post.php" getting a 500 Internal Server Error.

RewriteCond %{HTTP_REFERER} !^*$ [NC]
RewriteCond %{REQUEST_POST} .*wp-comments-post.php [OR]
RewriteCond %{REQUEST_POST} .*wp-app.php/service
RewriteRule .* - [F]

Any help with this will be greatly appreciated.
Old 05-16-2011, 10:41 AM   #2
LQ Guru
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295Reputation: 1295

Two things, where are you enabling your rewrite engine (RewriteEngine On)? and where is the termination of the RewriteRules ([L]). Didn't look at the regex but those two things popped up. Also isn't it better to include them in your virtualhost declarations instead of in htaccess?

Kind regards,

Old 05-24-2011, 02:47 PM   #3
Registered: Apr 2006
Location: Atlanta
Distribution: Centos, knoppix, Fedora, Mepis, Zenwalk, Mint
Posts: 142

Original Poster
Rep: Reputation: 16
Hi, thanks for you reply, the RewriteEngine is enabled before this particular rewrite condition and rule, as I have other rewrites before and after this one, but this particular one is the that seems not to be working. I dont have virtualhost setup/enabled.


htaccess, wordpress

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
wordpress aarsh Linux - Newbie 5 01-03-2011 10:20 AM
wordpress on nginx sandeepthug Linux - Software 1 07-23-2010 12:54 PM
Wordpress and .htaccess? gnosis_linux Linux - Software 1 04-03-2010 02:26 PM
LXer: The new WordPress LXer Syndicated Linux News 0 04-09-2008 03:10 AM
New to Wordpress subaruwrx General 0 10-31-2007 01:22 PM

All times are GMT -5. The time now is 03:34 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration