Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #957525

    Hello there!
    Pagination doesn’t work on my website. It goes to 404. Could you help me please?
    Tried to change permalinks but it doesn’t work.

    #958317

    Hey guys!
    Little help would be nice! I tried different ways to set permalinks, but nothing works

    #958643

    Hi srs6270,

    Please, show us what you’ve got in your .htaccess?
    This looks like permalinks conflict actually

    Best regards,
    Victoria

    #958958
    
    # BEGIN All In One WP Security
    #AIOWPS_BLOCK_WP_FILE_ACCESS_START
    <Files license.txt>
    order allow,deny
    deny from all
    </files>
    <Files wp-config-sample.php>
    order allow,deny
    deny from all
    </Files>
    <Files readme.html>
    order allow,deny
    deny from all
    </Files>
    #AIOWPS_BLOCK_WP_FILE_ACCESS_END
    #AIOWPS_BASIC_HTACCESS_RULES_START
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>
    ServerSignature Off
    LimitRequestBody 10240000
    <Files wp-config.php>
    order allow,deny
    deny from all
    </Files>
    #AIOWPS_BASIC_HTACCESS_RULES_END
    #AIOWPS_PINGBACK_HTACCESS_RULES_START
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>
    #AIOWPS_PINGBACK_HTACCESS_RULES_END
    #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_START
    <Files debug.log>
    order deny,allow
    deny from all
    </Files>
    #AIOWPS_DEBUG_LOG_BLOCK_HTACCESS_RULES_END
    #AIOWPS_DISABLE_INDEX_VIEWS_START
    Options -Indexes
    #AIOWPS_DISABLE_INDEX_VIEWS_END
    #AIOWPS_DISABLE_TRACE_TRACK_START
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    #AIOWPS_DISABLE_TRACE_TRACK_END
    #AIOWPS_FORBID_PROXY_COMMENTS_START
    RewriteCond %{REQUEST_METHOD} ^POST
    RewriteCond %{HTTP:VIA} !^$ [OR]
    RewriteCond %{HTTP:FORWARDED} !^$ [OR]
    RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR]
    RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
    RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
    RewriteRule wp-comments-post\.php - [F]
    #AIOWPS_FORBID_PROXY_COMMENTS_END
    #AIOWPS_DENY_BAD_QUERY_STRINGS_START
    RewriteCond %{QUERY_STRING} tag=     [NC,OR]
    RewriteCond %{QUERY_STRING} ftp:     [NC,OR]
    RewriteCond %{QUERY_STRING} http:    [NC,OR]
    RewriteCond %{QUERY_STRING} https:   [NC,OR]
    RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(request|insert|union|declare|drop) [NC]
    RewriteRule ^(.*)$ - [F,L]
    #AIOWPS_DENY_BAD_QUERY_STRINGS_END
    #AIOWPS_ADVANCED_CHAR_STRING_FILTER_START
    <IfModule mod_alias.c>
    RedirectMatch 403 \,
    RedirectMatch 403 \:
    RedirectMatch 403 \;
    RedirectMatch 403 \=
    RedirectMatch 403 \@
    RedirectMatch 403 \[
    RedirectMatch 403 \]
    RedirectMatch 403 \^
    RedirectMatch 403 \

    RedirectMatch 403 \{
    RedirectMatch 403 \}
    RedirectMatch 403 \~
    RedirectMatch 403 \”
    RedirectMatch 403 \$
    RedirectMatch 403 \<
    RedirectMatch 403 \>
    RedirectMatch 403 \|
    RedirectMatch 403 \.\.
    RedirectMatch 403 \%0
    RedirectMatch 403 \%A
    RedirectMatch 403 \%B
    RedirectMatch 403 \%C
    RedirectMatch 403 \%D
    RedirectMatch 403 \%E
    RedirectMatch 403 \%F
    RedirectMatch 403 \%22
    RedirectMatch 403 \%27
    RedirectMatch 403 \%28
    RedirectMatch 403 \%29
    RedirectMatch 403 \%3C
    RedirectMatch 403 \%3E
    RedirectMatch 403 \%3F
    RedirectMatch 403 \%5B
    RedirectMatch 403 \%5C
    RedirectMatch 403 \%5D
    RedirectMatch 403 \%7B
    RedirectMatch 403 \%7C
    RedirectMatch 403 \%7D
    # COMMON PATTERNS
    Redirectmatch 403 \_vpi
    RedirectMatch 403 \.inc
    Redirectmatch 403 xAou6
    Redirectmatch 403 db\_name
    Redirectmatch 403 select\(
    Redirectmatch 403 convert\(
    Redirectmatch 403 \/query\/
    RedirectMatch 403 ImpEvData
    Redirectmatch 403 \.XMLHTTP
    Redirectmatch 403 proxydeny
    RedirectMatch 403 function\.
    Redirectmatch 403 remoteFile
    Redirectmatch 403 servername
    Redirectmatch 403 \&rptmode\=
    Redirectmatch 403 sys\_cpanel
    RedirectMatch 403 db\_connect
    RedirectMatch 403 doeditconfig
    RedirectMatch 403 check\_proxy
    Redirectmatch 403 system\_user
    Redirectmatch 403 \/\(null\)\/
    Redirectmatch 403 clientrequest
    Redirectmatch 403 option\_value
    RedirectMatch 403 ref\.outcontrol
    # SPECIFIC EXPLOITS
    RedirectMatch 403 errors\.
    RedirectMatch 403 config\.
    RedirectMatch 403 include\.
    RedirectMatch 403 display\.
    RedirectMatch 403 register\.
    Redirectmatch 403 password\.
    RedirectMatch 403 maincore\.
    RedirectMatch 403 authorize\.
    Redirectmatch 403 macromates\.
    RedirectMatch 403 head\_auth\.
    RedirectMatch 403 submit\_links\.
    RedirectMatch 403 change\_action\.
    Redirectmatch 403 com\_facileforms\/
    RedirectMatch 403 admin\_db\_utilities\.
    RedirectMatch 403 admin\.webring\.docs\.
    Redirectmatch 403 Table\/Latest\/index\.
    </IfModule>
    #AIOWPS_ADVANCED_CHAR_STRING_FILTER_END
    #AIOWPS_FIVE_G_BLACKLIST_START
    # 5G BLACKLIST/FIREWALL (2013)
    # @ http://perishablepress.com/5g-blacklist-2013/
    # 5G:[QUERY STRINGS]
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (\”|%22).*(<|>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (\\|\.\./|`|=’$|=%27$) [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|’|\”|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
    RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
    RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
    RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
    RewriteRule .* – [F]
    </IfModule>
    # 5G:[USER AGENTS]
    <IfModule mod_setenvif.c>
    # SetEnvIfNoCase User-Agent ^$ keep_out
    SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out
    <limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    Deny from env=keep_out
    </limit>
    </IfModule>
    # 5G:[REQUEST STRINGS]
    <IfModule mod_alias.c>
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\’|\=\\%27|/\\\’/?|\)\.css\()$
    RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\”\\\”)
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    RedirectMatch 403 /playing.php
    RedirectMatch 403 muieblackcat
    </IfModule>
    # 5G:[REQUEST METHOD]
    <ifModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* – [F]
    </IfModule>
    #AIOWPS_FIVE_G_BLACKLIST_END
    #AIOWPS_PREVENT_IMAGE_HOTLINKS_START
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://solo-interier\.kz [NC]
    RewriteRule \.(gif|jpe?g?|png)$ – [F,NC,L]
    </IfModule>
    #AIOWPS_PREVENT_IMAGE_HOTLINKS_END
    # END All In One WP Security
    # BULLETPROOF .53.1 >>>>>>> SECURE .HTACCESS
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    FileETag MTime Size
    <ifmodule mod_expires.c>
    <filesmatch “\.(jpg|gif|png|css|js)$”>
    ExpiresActive on
    ExpiresDefault “access plus 1 year”
    </filesmatch>
    </ifmodule>
    # TURN OFF YOUR SERVER SIGNATURE
    # Suppresses the footer line server version number and ServerName of the serving virtual host
    ServerSignature Off
    # DO NOT SHOW DIRECTORY LISTING
    # Disallow mod_autoindex from displaying a directory listing
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code
    # and paste it into BPS Custom Code and comment out Options -Indexes
    # by adding a # sign in front of it.
    # Example: #Options -Indexes
    Options -Indexes
    # DIRECTORY INDEX FORCE INDEX.PHP
    # Use index.php as default directory index file. index.html will be ignored.
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code
    # and paste it into BPS Custom Code and comment out DirectoryIndex
    # by adding a # sign in front of it.
    # Example: #DirectoryIndex index.php index.html /index.php
    DirectoryIndex index.php index.html /index.php
    # BRUTE FORCE LOGIN PAGE PROTECTION
    # PLACEHOLDER ONLY
    # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently.
    # See this link: http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
    # for more information.
    # BPS ERROR LOGGING AND TRACKING
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # BPS has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and
    # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors
    # that occur on your website. When a hacker attempts to hack your website the hackers IP address,
    # Host name, Request Method, Referering link, the file name or requested resource, the user agent
    # of the hacker and the query string used in the hack attempt are logged.
    # All BPS log files are htaccess protected so that only you can view them.
    # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/
    # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors
    # after you install BPS and have activated BulletProof Mode for your Root folder.
    # If you would like to log 404 errors you will need to copy the logging code in the BPS 404.php file
    # to your Theme’s 404.php template file. Simple instructions are included in the BPS 404.php file.
    # You can open the BPS 404.php file using the WP Plugins Editor or manually editing the file.
    # NOTE: By default WordPress automatically looks in your Theme’s folder for a 404.php Theme template file.
    ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php
    ErrorDocument 401 default
    ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php
    ErrorDocument 404 /404.php
    ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php
    ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php
    # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
    RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$
    # WP-ADMIN/INCLUDES
    # Use BPS Custom Code to remove this code permanently.
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ – [F]
    RewriteRule !^wp-includes/ – [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ – [F]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F]
    RewriteRule ^wp-includes/theme-compat/ – [F]
    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ – [F]
    RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    RewriteRule ^(.*)$ – [R=405,L]
    # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES
    # To add plugin/theme skip/bypass rules use BPS Custom Code.
    # The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.
    # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9…
    # If you delete a skip rule, change the other skip rule numbers accordingly.
    # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.
    # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]
    # Adminer MySQL management tool data populate
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC]
    RewriteRule . – [S=12]
    # Comment Spam Pack MU Plugin – CAPTCHA images not displaying
    RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC]
    RewriteRule . – [S=11]
    # Peters Custom Anti-Spam display CAPTCHA Image
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC]
    RewriteRule . – [S=10]
    # Status Updater plugin fb connect
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC]
    RewriteRule . – [S=9]
    # Stream Video Player – Adding FLV Videos Blocked
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC]
    RewriteRule . – [S=8]
    # XCloner 404 or 403 error when updating settings
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC]
    RewriteRule . – [S=7]
    # BuddyPress Logout Redirect
    RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC]
    RewriteRule . – [S=6]
    # redirect_to=
    RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC]
    RewriteRule . – [S=5]
    # Login Plugins Password Reset And Redirect 1
    RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC]
    RewriteRule . – [S=4]
    # Login Plugins Password Reset And Redirect 2
    RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC]
    RewriteRule . – [S=3]
    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Remote File Inclusion (RFI) security rules
    # Note: Only whitelist your additional domains or files if needed – do not whitelist hacker domains or files
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F]
    #
    # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
    RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
    RewriteCond %{HTTP_REFERER} ^.*solo-interier.kz.*
    RewriteRule . – [S=1]
    # BEGIN BPSQSE BPS QUERY STRING EXPLOITS
    # The libwww-perl User Agent is forbidden – Many bad bots use libwww-perl modules, but some good bots use it too.
    # Good sites such as W3C use it for their W3C-LinkChecker.
    # Use BPS Custom Code to add or remove user agents temporarily or permanently from the
    # User Agent filters directly below or to modify/edit/change any of the other security code rules below.
    RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|’|”|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR]
    RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
    RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
    RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
    RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
    RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
    RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
    RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
    RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
    RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
    RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
    RewriteCond %{QUERY_STRING} (;|<|>|’|”|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
    RewriteRule ^(.*)$ – [F]
    # END BPSQSE BPS QUERY STRING EXPLOITS
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # WP REWRITE LOOP END
    # DENY BROWSER ACCESS TO THESE FILES
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html
    # To be able to view these files from a Browser, replace 127.0.0.1 with your actual
    # current IP address. Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1
    # Note: The BPS System Info page displays which modules are loaded on your server.
    <FilesMatch “^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)”>
    Order Allow,Deny
    Deny from all
    #Allow from 127.0.0.1
    </FilesMatch>
    # HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    # PLACEHOLDER ONLY
    # Use BPS Custom Code to add custom code and save it permanently here.
    # BEGIN W3TC Browser Cache
    <IfModule mod_mime.c>
    AddType text/css .css
    AddType text/x-component .htc
    AddType application/x-javascript .js
    AddType application/javascript .js2
    AddType text/javascript .js3
    AddType text/x-js .js4
    AddType text/html .html .htm
    AddType text/richtext .rtf .rtx
    AddType image/svg+xml .svg
    AddType text/plain .txt
    AddType text/xsd .xsd
    AddType text/xsl .xsl
    AddType text/xml .xml
    AddType video/asf .asf .asx .wax .wmv .wmx
    AddType video/avi .avi
    AddType image/bmp .bmp
    AddType application/java .class
    AddType video/divx .divx
    AddType application/msword .doc .docx
    AddType application/vnd.ms-fontobject .eot
    AddType application/x-msdownload .exe
    AddType image/gif .gif
    AddType application/x-gzip .gz .gzip
    AddType image/x-icon .ico
    AddType image/jpeg .jpg .jpeg .jpe
    AddType image/webp .webp
    AddType application/json .json
    AddType application/vnd.ms-access .mdb
    AddType audio/midi .mid .midi
    AddType video/quicktime .mov .qt
    AddType audio/mpeg .mp3 .m4a
    AddType video/mp4 .mp4 .m4v
    AddType video/mpeg .mpeg .mpg .mpe
    AddType application/vnd.ms-project .mpp
    AddType application/x-font-otf .otf
    AddType application/vnd.ms-opentype ._otf
    AddType application/vnd.oasis.opendocument.database .odb
    AddType application/vnd.oasis.opendocument.chart .odc
    AddType application/vnd.oasis.opendocument.formula .odf
    AddType application/vnd.oasis.opendocument.graphics .odg
    AddType application/vnd.oasis.opendocument.presentation .odp
    AddType application/vnd.oasis.opendocument.spreadsheet .ods
    AddType application/vnd.oasis.opendocument.text .odt
    AddType audio/ogg .ogg
    AddType application/pdf .pdf
    AddType image/png .png
    AddType application/vnd.ms-powerpoint .pot .pps .ppt .pptx
    AddType audio/x-realaudio .ra .ram
    AddType image/svg+xml .svg .svgz
    AddType application/x-shockwave-flash .swf
    AddType application/x-tar .tar
    AddType image/tiff .tif .tiff
    AddType application/x-font-ttf .ttf .ttc
    AddType application/vnd.ms-opentype ._ttf
    AddType audio/wav .wav
    AddType audio/wma .wma
    AddType application/vnd.ms-write .wri
    AddType application/font-woff .woff
    AddType application/font-woff2 .woff2
    AddType application/vnd.ms-excel .xla .xls .xlsx .xlt .xlw
    AddType application/zip .zip
    </IfModule>
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/css A31536000
    ExpiresByType text/x-component A31536000
    ExpiresByType application/x-javascript A31536000
    ExpiresByType application/javascript A31536000
    ExpiresByType text/javascript A31536000
    ExpiresByType text/x-js A31536000
    ExpiresByType text/html A7200
    ExpiresByType text/richtext A7200
    ExpiresByType image/svg+xml A7200
    ExpiresByType text/plain A7200
    ExpiresByType text/xsd A7200
    ExpiresByType text/xsl A7200
    ExpiresByType text/xml A7200
    ExpiresByType video/asf A31536000
    ExpiresByType video/avi A31536000
    ExpiresByType image/bmp A31536000
    ExpiresByType application/java A31536000
    ExpiresByType video/divx A31536000
    ExpiresByType application/msword A31536000
    ExpiresByType application/vnd.ms-fontobject A31536000
    ExpiresByType application/x-msdownload A31536000
    ExpiresByType image/gif A31536000
    ExpiresByType application/x-gzip A31536000
    ExpiresByType image/x-icon A31536000
    ExpiresByType image/jpeg A31536000
    ExpiresByType image/webp A31536000
    ExpiresByType application/json A31536000
    ExpiresByType application/vnd.ms-access A31536000
    ExpiresByType audio/midi A31536000
    ExpiresByType video/quicktime A31536000
    ExpiresByType audio/mpeg A31536000
    ExpiresByType video/mp4 A31536000
    ExpiresByType video/mpeg A31536000
    ExpiresByType application/vnd.ms-project A31536000
    ExpiresByType application/x-font-otf A31536000
    ExpiresByType application/vnd.ms-opentype A31536000
    ExpiresByType application/vnd.oasis.opendocument.database A31536000
    ExpiresByType application/vnd.oasis.opendocument.chart A31536000
    ExpiresByType application/vnd.oasis.opendocument.formula A31536000
    ExpiresByType application/vnd.oasis.opendocument.graphics A31536000
    ExpiresByType application/vnd.oasis.opendocument.presentation A31536000
    ExpiresByType application/vnd.oasis.opendocument.spreadsheet A31536000
    ExpiresByType application/vnd.oasis.opendocument.text A31536000
    ExpiresByType audio/ogg A31536000
    ExpiresByType application/pdf A31536000
    ExpiresByType image/png A31536000
    ExpiresByType application/vnd.ms-powerpoint A31536000
    ExpiresByType audio/x-realaudio A31536000
    ExpiresByType image/svg+xml A31536000
    ExpiresByType application/x-shockwave-flash A31536000
    ExpiresByType application/x-tar A31536000
    ExpiresByType image/tiff A31536000
    ExpiresByType application/x-font-ttf A31536000
    ExpiresByType application/vnd.ms-opentype A31536000
    ExpiresByType audio/wav A31536000
    ExpiresByType audio/wma A31536000
    ExpiresByType application/vnd.ms-write A31536000
    ExpiresByType application/font-woff A31536000
    ExpiresByType application/font-woff2 A31536000
    ExpiresByType application/vnd.ms-excel A31536000
    ExpiresByType application/zip A31536000
    </IfModule>
    <IfModule mod_deflate.c>
    <IfModule mod_filter.c>
    AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.presentation application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint image/svg+xml application/x-shockwave-flash image/tiff application/x-font-ttf application/vnd.ms-opentype audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel
    <IfModule mod_mime.c>
    # DEFLATE by extension
    AddOutputFilter DEFLATE js css htm html xml
    </IfModule>
    </IfModule>
    </IfModule>
    <FilesMatch “\.(css|htc|less|js|js2|js3|js4|CSS|HTC|LESS|JS|JS2|JS3|JS4)$”>
    <IfModule mod_headers.c>
    Header set Pragma “public”
    Header append Cache-Control “public”
    Header set X-Powered-By “W3 Total Cache/0.9.7”
    </IfModule>
    </FilesMatch>
    <FilesMatch “\.(html|htm|rtf|rtx|svg|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|SVG|TXT|XSD|XSL|XML)$”>
    <IfModule mod_headers.c>
    Header append Vary User-Agent env=!dont-vary
    Header set Pragma “public”
    Header append Cache-Control “public”
    Header set X-Powered-By “W3 Total Cache/0.9.7”
    </IfModule>
    </FilesMatch>
    <FilesMatch “\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|WEBP|JSON|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|OTF|_OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|_TTF|WAV|WMA|WRI|WOFF|WOFF2|XLA|XLS|XLSX|XLT|XLW|ZIP)$”>
    <IfModule mod_headers.c>
    Header set Pragma “public”
    Header append Cache-Control “public”
    Header set X-Powered-By “W3 Total Cache/0.9.7”
    </IfModule>
    </FilesMatch>
    <FilesMatch “\.(bmp|class|doc|docx|eot|exe|ico|webp|json|mdb|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|pot|pps|ppt|pptx|svg|svgz|swf|tif|tiff|ttf|ttc|_ttf|wav|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|BMP|CLASS|DOC|DOCX|EOT|EXE|ICO|WEBP|JSON|MDB|MPP|OTF|_OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|POT|PPS|PPT|PPTX|SVG|SVGZ|SWF|TIF|TIFF|TTF|TTC|_TTF|WAV|WRI|WOFF|WOFF2|XLA|XLS|XLSX|XLT|XLW)$”>
    <IfModule mod_headers.c>
    Header unset Last-Modified
    </IfModule>
    </FilesMatch>
    <IfModule mod_headers.c>
    Header set Referrer-Policy “”
    </IfModule>
    # END W3TC Browser Cache
    # BEGIN W3TC Page Cache core
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} =on
    RewriteRule .* – [E=W3TC_SSL:_ssl]
    RewriteCond %{SERVER_PORT} =443
    RewriteRule .* – [E=W3TC_SSL:_ssl]
    RewriteCond %{HTTP:X-Forwarded-Proto} =https [NC]
    RewriteRule .* – [E=W3TC_SSL:_ssl]
    RewriteCond %{HTTP:Accept-Encoding} gzip
    RewriteRule .* – [E=W3TC_ENC:_gzip]
    RewriteCond %{HTTP_COOKIE} w3tc_preview [NC]
    RewriteRule .* – [E=W3TC_PREVIEW:_preview]
    RewriteCond %{REQUEST_METHOD} !=POST
    RewriteCond %{QUERY_STRING} =””
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{HTTP_COOKIE} !(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle) [NC]
    RewriteCond “%{DOCUMENT_ROOT}/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html%{ENV:W3TC_ENC}” -f
    RewriteRule .* “/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html%{ENV:W3TC_ENC}” [L]
    </IfModule>
    # END W3TC Page Cache core

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.26]
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </IfModule>
    # END rlrssslReallySimpleSSL
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress
    `

    #959314

    Hi,

    Thanks for that, what happens if you remove the part added by the All In One WP Security plugin and leave the plugin disabled?

    Best regards,
    Rikard

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.