Extreme Security and Optimization for Your WordPress



This thread contains 7 replies, has 1 voice, and was last updated by Juan Bon 3 years, 8 months ago.

  • #77197

    Juan Bon
    Participant

    ######################################################
    MAXIMUM WORDPRESS SECURITY WITHOUT PAYING ANYTHING, BY JUAN BON
    ######################################################

    This is a compilation of the best security and optimization rules for WordPress that will make your site hard to hack.

    EVERYTHING IS HERE IN FULL: http://goo.gl/hJEYGp (in the main htaccess, change the URL panrental.com to your own) (use with caution)
    ———————————————————————

    Facebook profile: https://www.facebook.com/john.m.ben.3
    ———————————————————

    robots.txt, Security, Tricks and Extreme Optimization for your WordPress CMS (use the htaccess improvements with care)

    ########################################################################
    robots.txt file (prevent search engines from indexing our site's files)
    ########################################################################

    -replace with your sitemap-
    ————————————————

    Sitemap: http://www.tusite.com/sitemap_index.xml (the name of your sitemap goes here)

    ————————————————

    User-agent: *
    Disallow: /feed/
    Disallow: /cgi-bin/
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Disallow: /wp-content/
    Disallow: /wp-content/plugins/
    Disallow: /wp-content/cache/
    Disallow: /wp-content/themes/
    Disallow: /comments/feed/
    Disallow: /trackback/
    Disallow: /index.php
    Disallow: /xmlrpc.php
    Disallow: *?wptheme
    Disallow: /archives/
    Disallow: /index.php
    Disallow: /*?
    Disallow: /*.php$
    Disallow: /*.js$
    Disallow: /*.inc$
    Disallow: /*.css$
    Disallow: ?comments=*
    Disallow: /search?
    Disallow: /?p=*
    Disallow: /ko/
    Disallow: /bg/
    Disallow: /page/
    Disallow: /archives/
    Disallow: /trackback/
    Disallow: /tag/
    Disallow: /category/
    Disallow: /wp-
    Allow: /wp-content/uploads/

    User-agent: ia_archiver
    Disallow: /

    User-agent: Mediapartners-Google
    Disallow: /

    User-agent: Googlebot-Image
    Allow: /wp-content/uploads/

    User-agent: Adsbot-Google
    Disallow: /

    User-agent: Googlebot-Mobile
    Allow: /

    User-agent: duggmirror
    Disallow: /

    User-agent: Orthogaffe
    Disallow: /

    User-agent: UbiCrawler
    Disallow: /

    User-agent: DOC
    Disallow: /

    User-agent: Zao
    Disallow: /

    User-agent: sitecheck.internetseer.com
    Disallow: /

    User-agent: Zealbot
    Disallow: /

    User-agent: MSIECrawler
    Disallow: /

    User-agent: SiteSnagger
    Disallow: /

    User-agent: WebStripper
    Disallow: /

    User-agent: WebCopier
    Disallow: /

    User-agent: Fetch
    Disallow: /

    User-agent: Offline Explorer
    Disallow: /

    User-agent: Teleport
    Disallow: /

    User-agent: TeleportPro
    Disallow: /

    User-agent: WebZIP
    Disallow: /

    User-agent: linko
    Disallow: /

    User-agent: HTTrack
    Disallow: /

    User-agent: Microsoft.URL.Control
    Disallow: /

    User-agent: Xenu
    Disallow: /

    User-agent: larbin
    Disallow: /

    User-agent: libwww
    Disallow: /

    User-agent: ZyBORG
    Disallow: /

    User-agent: Download Ninja
    Disallow: /

    User-agent: wget
    Disallow: /

    User-agent: grub-client
    Disallow: /

    ———————————————————————-
    ######################################################################
    Security plugins highly recommended by me, 100% free
    ######################################################################

    The plugins you should use, all at the same time:

    1.) block bad queries

    2.) wordpress firewall 2

    3.) stealth login page

    4.) limit login attempts

    5.) cleantalk spam protect (optional: 15 days free, then 8 dollars a year)
    ————————————————————————————–

    Search for each plugin by name at: https://wordpress.org/plugins/

    #################################################################
    WordPress usernames and passwords: maximum security
    #################################################################
    —————————————————————–

    Maximum possible number of characters in a registered username: 58 (mixing uppercase, lowercase and numbers)
    ———————————————————————————————————-
    (mandatory for maximum security)

    Maximum possible number of characters in a registered password: 64 (MD5-encrypted, mixing uppercase, lowercase and numbers)
    ——————————————————————————————————————————-

    ########################################################################
    Unnecessary files after installing WordPress, and permission settings (does not apply to everyone)
    ########################################################################

    First back up the following files, then delete them if you are not going to use them:

    ———————————————————————————-
    /wp-admin/upgrade.php, /wp-admin/upgrade-functions.php, /wp-admin/update-core.php,

    /wp-admin/import.php, /wp-admin/update.php, /wp-admin/about.php, /wp-admin/user-edit.php,

    /wp-admin/user-new.php

    ———————————————————————————————————-

    1.) Delete files that cause security problems. (back up those files first)

    readme.html, licencia.txt, license.txt, wp-config-sample.php y /wp-admin/install.php,

    /wp-admin/installer-helper.php, xmlrpc.php, wp-trackback.php, /wp-admin/import.php, /wp-admin/setup-config.php,

    ———————————————————————————————————–

    2.) Review all permissions according to the documentation and advice in the WordPress Codex.

    Files: 644

    Directories: 755

    .htaccess: 644 or 604

    wp-config.php: 644 or 604

    ———————————————————————————

    Tip: change the database prefix to a complex name

    Open phpMyAdmin, select "check all" and choose the "change prefix" option.
    After changing it, go to wp-config.php and enter the new prefix.

    example:

    /**
    * WordPress Database Table prefix.
    *
    * You can have multiple installations in one database if you give each a unique
    * prefix. Only numbers, letters, and underscores please!
    */
    $table_prefix = 'tuprefijo_';

    After changing the prefix, go to the wp_options table, and likewise wp_usermeta,

    and replace any remaining old prefixes with the new one.
    ———————————————————————————-

    ########################################################################
    Security and optimization tricks in functions.php (add everything at the end, before "?>")
    ########################################################################

    1.) Hide the error messages on the login page

    function login_errors_message() {
    return 'No tienes autorizacion para estar aqui!!!';
    }
    add_filter('login_errors', 'login_errors_message');

    ——————————————————–

    2.) Remove the junk from the <head> tag

    remove_action('wp_head', 'feed_links', 2 );
    remove_action('wp_head', 'feed_links_extra', 3 );
    remove_action('wp_head', 'wp_generator');
    remove_action('wp_head', 'rsd_link');
    remove_action('wp_head', 'wlwmanifest_link');
    remove_action('wp_head', 'index_rel_link');
    remove_action('wp_head', 'parent_post_rel_link', 10, 0);
    remove_action('wp_head', 'start_post_rel_link', 10, 0);
    remove_action('wp_head', 'adjacent_posts_rel_link', 10, 0);

    ——————————————————–

    3.) Remove the WordPress version:

    function wpsecure_remove_version() { return ''; }
    add_filter('the_generator', 'wpsecure_remove_version');

    ——————————————————-

    4.) Only load the comment-reply.js when needed

    function theme_queue_js(){
    if (!is_admin()){
    if (is_singular() && (get_option('thread_comments') == 1) && comments_open() && have_comments())
    wp_enqueue_script('comment-reply');
    }
    }
    add_action('wp_print_scripts', 'theme_queue_js');

    ————————————————————————————————-

    5.) Only load the l10n.js when needed

    function remove_l10n_js(){
    if (!is_admin()){
    wp_deregister_script('l10n');
    }
    }
    add_action('wp_print_scripts', 'remove_l10n_js');

    —————————————————

    6.) Disable the password recovery option

    function disable_reset_lost_password()
    {
    return false;
    }
    add_filter( 'allow_password_reset', 'disable_reset_lost_password');

    ——————————————————————-

    7.) Remove the WP version from any script or CSS

    function vc_remove_wp_ver_css_js( $src ) {
    if ( strpos( $src, 'ver=' ) )
    $src = remove_query_arg( 'ver', $src );
    return $src;
    }
    add_filter( 'style_loader_src', 'vc_remove_wp_ver_css_js', 9999 );
    add_filter( 'script_loader_src', 'vc_remove_wp_ver_css_js', 9999 );

    ——————————————————————-

    8.) Remove the WordPress update message

    if (!current_user_can('edit_users')) {
    // anonymous functions replace create_function(), which was removed in PHP 8
    add_action('init', function () { remove_action('init', 'wp_version_check'); }, 2);
    add_filter('pre_option_update_core', function () { return null; });
    }

    ———————————————————————————————–

    9.) Move the JavaScripts to the page footer (only do this if necessary)

    /**
    * Load Enqueued Scripts in the Footer
    *
    * Automatically move JavaScript code to page footer, speeding up page loading time.
    */
    function footer_enqueue_scripts() {
    remove_action('wp_head', 'wp_print_scripts');
    remove_action('wp_head', 'wp_print_head_scripts', 9);
    remove_action('wp_head', 'wp_enqueue_scripts', 1);
    add_action('wp_footer', 'wp_print_scripts', 5);
    add_action('wp_footer', 'wp_enqueue_scripts', 5);
    add_action('wp_footer', 'wp_print_head_scripts', 5);
    }
    add_action('after_setup_theme', 'footer_enqueue_scripts');

    ———————————————————————————–

    ####################################################################
    Tricks or improvements in the wp-config.php file (add everything at the end)
    ####################################################################

    1.) Disable plugin updates from the dashboard

    define('DISALLOW_FILE_MODS', true); // Added manually

    ——————————————————–

    2.) Disable the admin panel editor

    define('DISALLOW_FILE_EDIT', true); // Added manually

    —————————————————–

    3.) Disable HTML code in comments

    add_filter('pre_comment_content', 'wp_specialchars');

    —————————————————–

    4.) Set the AUTH / SALT values (replace the original code with the generated one)

    https://api.wordpress.org/secret-key/1.1/salt/

    ———————————————————————————-

    5.) Prevent post revisions

    define('WP_POST_REVISIONS', false );

    ————————————

    6.) Memory limit for WordPress to use

    define( 'WP_MEMORY_LIMIT', '256M' );
    ——————————————–

    ##################################################
    .htaccess security and optimization: root htaccess
    ##################################################

    #######################################
    Complete listing (does not apply to everyone)
    #######################################

    # Setup browser caching
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access 2 days"
    </IfModule>

    # BEGIN Expire headers
    ExpiresActive On
    ExpiresDefault "access plus 1 seconds"
    ExpiresByType image/x-icon "access plus 2592000 seconds"
    ExpiresByType image/jpeg "access plus 2592000 seconds"
    ExpiresByType image/png "access plus 2592000 seconds"
    ExpiresByType image/gif "access plus 2592000 seconds"
    ExpiresByType application/x-shockwave-flash "access plus 2592000 seconds"
    ExpiresByType text/css "access plus 604800 seconds"
    ExpiresByType text/javascript "access plus 216000 seconds"
    ExpiresByType application/x-javascript "access plus 216000 seconds"
    ExpiresByType text/html "access plus 600 seconds"
    ExpiresByType application/xhtml+xml "access plus 600 seconds"
    # END Expire headers

    # BEGIN Cache-Control Headers
    Header set Cache-Control "max-age=2592000, public"
    Header set Cache-Control "max-age=604800, public"
    Header set Cache-Control "max-age=216000, private"
    Header set Cache-Control "max-age=600, private, must-revalidate"
    # END Cache-Control Headers

    # START XML RPC BLOCKING
    <Files xmlrpc.php>
    Order Deny,Allow
    Deny from all
    </Files>
    # FINISH XML RPC BLOCKING

    # BEGIN Turn ETags Off
    Header unset ETag
    FileETag None
    # END Turn ETags Off

    # BEGIN Remove Last-Modified Header
    Header unset Last-Modified
    # END Remove Last-Modified Header

    # Secure the WordPress plugins
    <Files ~ "\.(js|css)$">
    order allow,deny
    allow from all
    </Files>

    # Stop spam attack logins and comments
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login)\.php*
    RewriteCond %{HTTP_REFERER} !.*tusite.com.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
    </ifModule>

    # Disable directory browsing
    Options All -Indexes

    # Disable access to all file types except the following
    Order deny,allow
    Deny from all
    <Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$">
    Allow from all
    </Files>

    # Block wp-includes folder and files
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ - [F,L]
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
    RewriteRule ^wp-includes/theme-compat/ - [F,L]
    </IfModule>

    # Deny access to wp-login.php file
    <Files wp-login.php>
    Order allow,deny
    Deny from all
    </Files>

    # Protect the .htaccess
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>

    # Deny access to wp-config.php file
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>

    # Deny access to all .htaccess files
    <files ~ "^.*\.([Hh][Tt][Aa])">
    order allow,deny
    deny from all
    satisfy all
    </files>

    # Prevent image hotlinking script. Replace last URL with any image link you want.
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?tusite.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourotherwebsite.com [NC]
    RewriteRule \.(jpg|jpeg|png|gif)$ http://i.imgur.com/MlQAH71.jpg [NC,R,L]

    # protect against DOS attacks by limiting file upload size
    LimitRequestBody 10240000

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG)
    RewriteRule .* - [F]

    <files error_log>
    Order allow,deny
    Deny from all
    </files>

    php_flag display_errors off

    # Disable the Server Signature
    ServerSignature Off

    # Block suspicious request methods
    RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F,L]

    # Block WP timthumb hack
    RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    RewriteRule . - [S=1]

    # Block suspicious user agents and requests
    RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} \/\*\ HTTP/ [NC,OR]
    RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
    RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
    RewriteCond %{THE_REQUEST} (%0A|%0D) [NC,OR]

    # Block MySQL injections, RFI, base64, etc.
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
    RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
    RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
    RewriteCond %{QUERY_STRING} (\./|\../|\.../)+(motd|etc|bin) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
    RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
    RewriteRule ^(.*)$ - [F,L]

    # This prevents web browsers or spiders from seeing your .htaccess directives:
    <Files .htaccess>
    deny from all
    </Files>
    # End of file

    ### Prevent directory browsing
    <IfModule mod_autoindex.c>
    Options -Indexes
    </IfModule>

    ### Block access to hidden files & directories
    <IfModule mod_rewrite.c>
    RewriteCond %{SCRIPT_FILENAME} -d [OR]
    RewriteCond %{SCRIPT_FILENAME} -f
    RewriteRule “(^|/)\.” – [F]
    </IfModule>

    ### Block access to source files
    <FilesMatch “(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$”>
    Order allow,deny
    Deny from all
    Satisfy All
    </FilesMatch>

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    ### SQL Injection Protection
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
    RewriteRule ^(.*)$ index.php [F,L]
    ### End SQL Injection Protection
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    —————————————————–

    ######
    extra:
    ######

    # UTF8 Characters
    AddDefaultCharset utf-8
    AddCharset utf-8 .atom .css .js .json .rss .vtt .xml

    #########################################
    # 6G BLACKLIST/FIREWALL (beta)
    # @ http://perishablepress.com/6g-beta/#
    ########################################

    # 6G:[REQUEST STRINGS]
    <ifModule mod_alias.c>
    RedirectMatch 403 /(\$|\*)/?$
    RedirectMatch 403 (?i)(<|>|:|;|\'|\s)
    RedirectMatch 403 (?i)([a-zA-Z0-9]{18})
    RedirectMatch 403 (?i)(https?|ftp|php)\:/
    RedirectMatch 403 (?i)(\"|\.|\_|\&|\&amp)$
    RedirectMatch 403 (?i)(\=\\\'|\=\\%27|/\\\'/?)\.
    RedirectMatch 403 (?i)/(author\-panel|submit\-articles)/?$
    RedirectMatch 403 (?i)/(([0-9]{5})|([0-9]{6}))\-([0-9]{10})\.(gif|jpg|png)
    RedirectMatch 403 (?i)(\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.|\+\+\+|\||\\\"\\\")
    RedirectMatch 403 (?i)/uploads/([0-9]+)/([0-9]+)/(cache|cached|wp-opt|wp-supercache)\.php
    RedirectMatch 403 (?i)\.(asp|bash|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf|well)
    RedirectMatch 403 (?i)/(^$|1|addlink|btn_hover|contact?|dkscsearch|dompdf|easyboard|ezooms|formvars|fotter|fpw|i|imagemanager|index1|install|iprober|legacy\-comments|join|js\-scraper|mapcms|mobiquo|phpinfo|phpspy|pingserver|playing|postgres|product|register|scraper|shell|signup|single\-default|t|sqlpatch|test|textboxes.css|thumb|timthumb|topper|tz|ucp_profile|visit|webring.docs|webshell|wp\-lenks|wp\-links|wp\-plugin|wp\-signup|wpcima|zboard|zzr)\.php
    RedirectMatch 403 (?i)/(\=|\$\&|\_mm|administrator|auth|bytest|cachedyou|cgi\-|cvs|config\.|crossdomain\.xml|dbscripts|e107|etc/passwd|function\.array\-rand|function\.parse\-url|livecalendar|localhost|makefile|muieblackcat|release\-notes|rnd|sitecore|tapatalk|wwwroot)
    RedirectMatch 403 (?i)(\$\(this\)\.attr|\&pws\=0|\&t\=|\&title\=|\%7BshopURL\%7Dimages|\_vti\_|\(null\)|$itemURL|ask/data/ask|com\_crop|document\)\.ready\(fu|echo.*kae|eval\(|fckeditor\.htm|function.parse|function\(\)|gifamp|hilton.ch|index.php\&amp\;quot|jfbswww|monstermmorpg|msnbot\.htm|netdefender/hui|phpMyAdmin/config|proc/self|skin/zero_vote|/spaw2?|text/javascript|this.options)
    </ifModule>

    # 6G:[QUERY STRINGS]
    <IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_URI} !^/$ [NC]
    RewriteCond %{QUERY_STRING} (mod|path|tag)= [NC,OR]
    RewriteCond %{QUERY_STRING} ([a-zA-Z0-9]{32}) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (\?|\.\./|\.|\*|:|;|<|>|'|"|\)|\[|\]|=\\\'$|%0A|%0D|%22|%27|%3C|%3E|%00|%2e%2e) [NC,OR]
    RewriteCond %{QUERY_STRING} (benchmark|boot.ini|cast|declare|drop|echo.*kae|environ|etc/passwd|execute|input_file|insert|md5|mosconfig|scanner|select|set|union|update) [NC]
    RewriteRule .* - [F,L]
    </IfModule>

    # 6G:[USER AGENTS]
    <ifModule mod_setenvif.c>
    #SetEnvIfNoCase User-Agent ^$ keep_out
    SetEnvIfNoCase User-Agent (<|>|'|<|%0A|%0D|%27|%3C|%3E|%00|href\s) keep_out
    SetEnvIfNoCase User-Agent (archiver|binlar|casper|checkprivacy|clshttp|cmsworldmap|comodo|curl|diavol|dotbot|email|extract|feedfinder|flicky|grab|harvest|httrack|ia_archiver|jakarta|kmccrew|libwww|loader|miner|nikto|nutch|planetwork|purebot|pycurl|python|scan|skygrid|sucker|turnit|vikspider|wget|winhttp|youda|zmeu|zune) keep_out
    <limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    Deny from env=keep_out
    </limit>
    </ifModule>

    # 6G:[REFERRERS]
    <IfModule mod_rewrite.c>
    RewriteCond %{HTTP_REFERER} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} ([a-zA-Z0-9]{32}) [NC]
    RewriteRule .* - [F,L]
    </IfModule>

    # 6G:[BAD IPS]
    <Limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    # uncomment/edit/repeat next line to block IPs
    # Deny from 123.456.789
    </Limit>

    ######################################
    # 5G FIREWALL from PerishablePress.com
    ######################################

    #AIOWPS_FORBID_PROXY_COMMENTS_START
    RewriteCond %{REQUEST_METHOD} =POST
    RewriteCond %{HTTP:VIA}%{HTTP:FORWARDED}%{HTTP:USERAGENT_VIA}%{HTTP:X_FORWARDED_FOR}%{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION}%{HTTP:HTTP_PC_REMOTE_ADDR}%{HTTP:HTTP_CLIENT_IP} !^$
    RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).* [NC]
    RewriteRule .* - [F,NS,L]
    #AIOWPS_FORBID_PROXY_COMMENTS_END

    #AIOWPS_DENY_BAD_QUERY_STRINGS_START
    RewriteCond %{QUERY_STRING} tag= [NC,OR]
    RewriteCond %{QUERY_STRING} ftp: [NC,OR]
    RewriteCond %{QUERY_STRING} http: [NC,OR]
    RewriteCond %{QUERY_STRING} https: [NC,OR]
    RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(request|insert|union|declare|drop) [NC]
    RewriteRule ^(.*)$ - [F,L]
    #AIOWPS_DENY_BAD_QUERY_STRINGS_END

    #AIOWPS_ADVANCED_CHAR_STRING_FILTER_START
    <IfModule mod_alias.c>
    RedirectMatch 403 \,
    RedirectMatch 403 \:
    RedirectMatch 403 \;
    RedirectMatch 403 \=
    RedirectMatch 403 \@
    RedirectMatch 403 \[
    RedirectMatch 403 \]
    RedirectMatch 403 \^
    RedirectMatch 403 `
    RedirectMatch 403 \{
    RedirectMatch 403 \}
    RedirectMatch 403 \~
    RedirectMatch 403 \"
    RedirectMatch 403 \$
    RedirectMatch 403 \<
    RedirectMatch 403 \>
    RedirectMatch 403 \|
    RedirectMatch 403 \.\.
    RedirectMatch 403 \%0
    RedirectMatch 403 \%A
    RedirectMatch 403 \%B
    RedirectMatch 403 \%C
    RedirectMatch 403 \%D
    RedirectMatch 403 \%E
    RedirectMatch 403 \%F
    RedirectMatch 403 \%22
    RedirectMatch 403 \%27
    RedirectMatch 403 \%28
    RedirectMatch 403 \%29
    RedirectMatch 403 \%3C
    RedirectMatch 403 \%3E
    RedirectMatch 403 \%3F
    RedirectMatch 403 \%5B
    RedirectMatch 403 \%5C
    RedirectMatch 403 \%5D
    RedirectMatch 403 \%7B
    RedirectMatch 403 \%7C
    RedirectMatch 403 \%7D
    # COMMON PATTERNS
    Redirectmatch 403 \_vpi
    RedirectMatch 403 \.inc
    Redirectmatch 403 xAou6
    Redirectmatch 403 db\_name
    Redirectmatch 403 select\(
    Redirectmatch 403 convert\(
    Redirectmatch 403 \/query\/
    RedirectMatch 403 ImpEvData
    Redirectmatch 403 \.XMLHTTP
    Redirectmatch 403 proxydeny
    RedirectMatch 403 function\.
    Redirectmatch 403 remoteFile
    Redirectmatch 403 servername
    Redirectmatch 403 \&rptmode\=
    Redirectmatch 403 sys\_cpanel
    RedirectMatch 403 db\_connect
    RedirectMatch 403 doeditconfig
    RedirectMatch 403 check\_proxy
    Redirectmatch 403 system\_user
    Redirectmatch 403 \/\(null\)\/
    Redirectmatch 403 clientrequest
    Redirectmatch 403 option\_value
    RedirectMatch 403 ref\.outcontrol
    # SPECIFIC EXPLOITS
    RedirectMatch 403 errors\.
    RedirectMatch 403 config\.
    RedirectMatch 403 include\.
    RedirectMatch 403 display\.
    RedirectMatch 403 register\.
    Redirectmatch 403 password\.
    RedirectMatch 403 maincore\.
    RedirectMatch 403 authorize\.
    Redirectmatch 403 macromates\.
    RedirectMatch 403 head\_auth\.
    RedirectMatch 403 submit\_links\.
    RedirectMatch 403 change\_action\.
    Redirectmatch 403 com\_facileforms\/
    RedirectMatch 403 admin\_db\_utilities\.
    RedirectMatch 403 admin\.webring\.docs\.
    Redirectmatch 403 Table\/Latest\/index\.
    </IfModule>
    #AIOWPS_ADVANCED_CHAR_STRING_FILTER_END

    #AIOWPS_FIVE_G_BLACKLIST_START
    # 5G BLACKLIST/FIREWALL (2013)
    # @ http://perishablepress.com/5g-blacklist-2013/

    # 5G:[QUERY STRINGS]
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (\\|\.\./|`|='$|=%27$) [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
    RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
    RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
    RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
    RewriteRule .* - [F]
    </IfModule>

    # 5G:[USER AGENTS]
    <IfModule mod_setenvif.c>
    # SetEnvIfNoCase User-Agent ^$ keep_out
    SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out
    <limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    Deny from env=keep_out
    </limit>
    </IfModule>

    # 5G:[REQUEST STRINGS]
    <IfModule mod_alias.c>
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
    RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    RedirectMatch 403 /playing.php
    RedirectMatch 403 muieblackcat
    </IfModule>

    # 5G:[REQUEST METHOD]
    <ifModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    </IfModule>
    #AIOWPS_FIVE_G_BLACKLIST_END

    #####################################
    ### PERISHABLE PRESS 4G BLACKLIST ###
    #####################################

    # ESSENTIALS
    RewriteEngine on
    ServerSignature Off
    Options All -Indexes
    Options +FollowSymLinks

    # FILTER REQUEST METHODS
    <IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
    RewriteRule ^(.*)$ - [F,L]
    </IfModule>

    # BLACKLIST CANDIDATES
    <Limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    Deny from 75.126.85.215 "# blacklist candidate 2008-01-02 = admin-ajax.php attack "
    Deny from 128.111.48.138 "# blacklist candidate 2008-02-10 = cryptic character strings "
    Deny from 87.248.163.54 "# blacklist candidate 2008-03-09 = block administrative attacks "
    Deny from 84.122.143.99 "# blacklist candidate 2008-04-27 = block clam store loser "
    Deny from 210.210.119.145 "# blacklist candidate 2008-05-31 = block _vpi.xml attacks "
    Deny from 66.74.199.125 "# blacklist candidate 2008-10-19 = block mindless spider running "
    Deny from 203.55.231.100 "# 1048 attacks in 60 minutes"
    Deny from 24.19.202.10 "# 1629 attacks in 90 minutes"
    </Limit>

    # QUERY STRING EXPLOITS
    <IfModule mod_rewrite.c>
    RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
    RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
    RewriteCond %{QUERY_STRING} tag\= [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|’|”|;|\?|\*).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]
    RewriteRule ^(.*)$ - [F,L]
    </IfModule>

    # CHARACTER STRINGS
    <IfModule mod_alias.c>
    # BASIC CHARACTERS
    RedirectMatch 403 \,
    RedirectMatch 403 \:
    RedirectMatch 403 \;
    RedirectMatch 403 \=
    RedirectMatch 403 \@
    RedirectMatch 403 \[
    RedirectMatch 403 \]
    RedirectMatch 403 \^
    RedirectMatch 403 `
    RedirectMatch 403 \{
    RedirectMatch 403 \}
    RedirectMatch 403 \~
    RedirectMatch 403 \"
    RedirectMatch 403 \$
    RedirectMatch 403 \<
    RedirectMatch 403 \>
    RedirectMatch 403 \|
    RedirectMatch 403 \.\.
    RedirectMatch 403 \/\/
    RedirectMatch 403 \%0
    RedirectMatch 403 \%A
    RedirectMatch 403 \%B
    RedirectMatch 403 \%C
    RedirectMatch 403 \%D
    RedirectMatch 403 \%E
    RedirectMatch 403 \%F
    RedirectMatch 403 \%22
    RedirectMatch 403 \%27
    RedirectMatch 403 \%28
    RedirectMatch 403 \%29
    RedirectMatch 403 \%3C
    RedirectMatch 403 \%3E
    RedirectMatch 403 \%3F
    RedirectMatch 403 \%5B
    RedirectMatch 403 \%5C
    RedirectMatch 403 \%5D
    RedirectMatch 403 \%7B
    RedirectMatch 403 \%7C
    RedirectMatch 403 \%7D
    # COMMON PATTERNS
    Redirectmatch 403 \_vpi
    RedirectMatch 403 \.inc
    Redirectmatch 403 xAou6
    Redirectmatch 403 db\_name
    Redirectmatch 403 select\(
    Redirectmatch 403 convert\(
    Redirectmatch 403 \/query\/
    RedirectMatch 403 ImpEvData
    Redirectmatch 403 \.XMLHTTP
    Redirectmatch 403 proxydeny
    RedirectMatch 403 function\.
    Redirectmatch 403 remoteFile
    Redirectmatch 403 servername
    Redirectmatch 403 \&rptmode\=
    Redirectmatch 403 sys\_cpanel
    RedirectMatch 403 db\_connect
    RedirectMatch 403 doeditconfig
    RedirectMatch 403 check\_proxy
    Redirectmatch 403 system\_user
    Redirectmatch 403 \/\(null\)\/
    Redirectmatch 403 clientrequest
    Redirectmatch 403 option\_value
    RedirectMatch 403 ref\.outcontrol
    # SPECIFIC EXPLOITS
    RedirectMatch 403 errors\.
    RedirectMatch 403 config\.
    RedirectMatch 403 include\.
    RedirectMatch 403 display\.
    RedirectMatch 403 register\.
    Redirectmatch 403 password\.
    RedirectMatch 403 maincore\.
    RedirectMatch 403 authorize\.
    Redirectmatch 403 macromates\.
    RedirectMatch 403 head\_auth\.
    RedirectMatch 403 submit\_links\.
    RedirectMatch 403 change\_action\.
    Redirectmatch 403 com\_facileforms\/
    RedirectMatch 403 admin\_db\_utilities\.
    RedirectMatch 403 admin\.webring\.docs\.
    Redirectmatch 403 Table\/Latest\/index\.
    </IfModule>

    #################################
    ##PERISHABLE PRESS 3G BLACKLIST##
    #################################

    # PART I: CHARACTER STRINGS
    <IfModule mod_alias.c>
    RedirectMatch 403 \:
    RedirectMatch 403 \;
    RedirectMatch 403 \<
    RedirectMatch 403 \>
    RedirectMatch 403 \/\,
    RedirectMatch 403 \/\/
    RedirectMatch 403 f\-\.
    RedirectMatch 403 \.\.\.
    RedirectMatch 403 \.inc
    RedirectMatch 403 alt\=
    RedirectMatch 403 ftp\:
    RedirectMatch 403 ttp\:
    RedirectMatch 403 \.\$url
    RedirectMatch 403 \/\$url
    RedirectMatch 403 \/\$link
    RedirectMatch 403 news\.php
    RedirectMatch 403 menu\.php
    RedirectMatch 403 main\.php
    RedirectMatch 403 home\.php
    RedirectMatch 403 view\.php
    RedirectMatch 403 about\.php
    RedirectMatch 403 blank\.php
    RedirectMatch 403 block\.php
    RedirectMatch 403 order\.php
    RedirectMatch 403 search\.php
    RedirectMatch 403 errors\.php
    RedirectMatch 403 button\.php
    RedirectMatch 403 middle\.php
    RedirectMatch 403 threads\.php
    RedirectMatch 403 contact\.php
    RedirectMatch 403 include\.php
    RedirectMatch 403 display\.php
    RedirectMatch 403 register\.php
    RedirectMatch 403 authorize\.php
    RedirectMatch 403 \/wp\-signup\.php
    RedirectMatch 403 \/classes\/
    RedirectMatch 403 \/includes\/
    RedirectMatch 403 \/path\_to\_script\/
    RedirectMatch 403 ImpEvData\.
    RedirectMatch 403 head\_auth\.
    RedirectMatch 403 db\_connect\.
    RedirectMatch 403 check\_proxy\.
    RedirectMatch 403 doeditconfig\.
    RedirectMatch 403 submit\_links\.
    RedirectMatch 403 change\_action\.
    RedirectMatch 403 send\_reminders\.
    RedirectMatch 403 comment\-template\.
    RedirectMatch 403 syntax\_highlight\.
    RedirectMatch 403 admin\_db\_utilities\.
    RedirectMatch 403 admin\.webring\.docs\.
    RedirectMatch 403 function\.main
    RedirectMatch 403 function\.mkdir
    RedirectMatch 403 function\.opendir
    RedirectMatch 403 function\.require
    RedirectMatch 403 function\.array\-rand
    RedirectMatch 403 ref\.outcontrol
    </IfModule>

    # PART II: QUERY STRINGS
    <ifmodule mod_rewrite.c>
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} \[ [NC,OR]
    RewriteCond %{QUERY_STRING} \] [NC]
    RewriteRule .* - [F,L]
    </ifmodule>

    # PART III: USER AGENTS
    SetEnvIfNoCase User-Agent "Jakarta Commons" keep_out
    SetEnvIfNoCase User-Agent "Y!OASIS/TEST" keep_out
    SetEnvIfNoCase User-Agent "libwww-perl" keep_out
    SetEnvIfNoCase User-Agent "MOT-MPx220" keep_out
    SetEnvIfNoCase User-Agent "MJ12bot" keep_out
    SetEnvIfNoCase User-Agent "Nutch" keep_out
    SetEnvIfNoCase User-Agent "cr4nk" keep_out
    <Limit GET POST PUT>
    order allow,deny
    allow from all
    deny from env=keep_out
    </Limit>

    # PART IV: IP ADDRESSES
    <Limit GET POST PUT>
    order allow,deny
    allow from all
    deny from 75.126.85.215 "# blacklist candidate 2008-01-02 = admin-ajax.php attack "
    deny from 128.111.48.138 "# blacklist candidate 2008-02-10 = cryptic character strings "
    deny from 87.248.163.54 "# blacklist candidate 2008-03-09 = block administrative attacks "
    deny from 84.122.143.99 "# blacklist candidate 2008-04-27 = block clam store loser "
    </Limit>

    ######################################
    ##2G Blacklist from Perishable Press##
    ######################################

    <IfModule mod_alias.c>
    redirectmatch 403 \.inc
    redirectmatch 403 alt\=
    redirectmatch 403 http\:\/\/
    redirectmatch 403 menu\.php
    redirectmatch 403 main\.php
    redirectmatch 403 file\.php
    redirectmatch 403 home\.php
    redirectmatch 403 view\.php
    redirectmatch 403 about\.php
    redirectmatch 403 order\.php
    redirectmatch 403 index2\.php
    redirectmatch 403 errors\.php
    redirectmatch 403 config\.php
    redirectmatch 403 button\.php
    redirectmatch 403 middle\.php
    redirectmatch 403 threads\.php
    redirectmatch 403 contact\.php
    redirectmatch 403 display\.cgi
    redirectmatch 403 display\.php
    redirectmatch 403 include\.php
    redirectmatch 403 register\.php
    redirectmatch 403 db_connect\.php
    redirectmatch 403 doeditconfig\.php
    redirectmatch 403 send\_reminders\.php
    redirectmatch 403 admin_db_utilities\.php
    redirectmatch 403 admin\.webring\.docs\.php
    redirectmatch 403 keds\.lpti
    redirectmatch 403 r\.verees
    redirectmatch 403 pictureofmyself
    redirectmatch 403 remoteFile
    redirectmatch 403 mybabyboy
    redirectmatch 403 mariostar
    redirectmatch 403 zaperyan
    redirectmatch 403 babyboy
    redirectmatch 403 aboutme
    redirectmatch 403 xAou6
    redirectmatch 403 qymux
    </IfModule>

    ###################################################################
    Check the location of the blocked hackers' and spammers' IPs
    ###################################################################

    ——————————–
    http://www.ipaddress-finder.com/
    ——————————–

    ——————————————
    Find your IP at: http://www.cualesmiip.com/
    ——————————————

    Blacklist (example of blocked IPs)

    —————————————–

    #####################################
    Top 5 - online security checks:
    #####################################

    1.) https://www.google.com/safebrowsing/diagnostic?site=tusite.com

    2.) http://sitecheck.sucuri.net/

    3.) http://trafficlight.bitdefender.com/info?url=tusite.com&language=es_ES

    4.) http://quttera.com/home

    5.) https://www.virustotal.com/es/
    —————————————————————————

    ########
    #END...
    ########
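An added example, not part of Juan Bon's post or of the Perishable Press blacklist: a small Python emulation of the 4G "QUERY STRING EXPLOITS" conditions above, run over constructed sample URLs, to show why the "use with care" warning matters. Besides a traversal attempt, ordinary WordPress requests such as a tag archive (`?tag=`), a search containing "select", or an accented search term also get a 403. The rule labels and sample URLs are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

# The thread's 4G "QUERY STRING EXPLOITS" conditions transcribed to Python regexes.
# Apache evaluates them case-insensitively ([NC]) and OR-ed, so the first match
# forbids the request ([F,L] = 403). The labels are assumed here for reporting only.
QUERY_STRING_RULES = [
    ("traversal", r"\.\./"),
    ("boot.ini", r"boot\.ini"),
    ("tag=", r"tag="),
    ("ftp:", r"ftp:"),
    ("http:", r"http:"),
    ("https:", r"https:"),
    ("mosConfig", r"mosConfig"),
    ("special chars", r"[\[\]()<>'\";?*]"),
    ("encoded chars", r"%22|%27|%3C|%3E|%5C|%7B|%7C"),
    ("encoded prefixes", r"%0|%A|%B|%C|%D|%E|%F|127\.0"),
    ("keywords", r"globals|encode|config|localhost|loopback"),
    ("sql words", r"request|select|insert|union|declare|drop"),
]
COMPILED = [(name, re.compile(pat, re.IGNORECASE)) for name, pat in QUERY_STRING_RULES]

def first_matching_rule(query_string):
    """Label of the first condition matching the raw query string, or None."""
    for name, rx in COMPILED:
        if rx.search(query_string):
            return name
    return None

def classify(url):
    """('403', rule) if the 4G block would forbid the URL, else ('200', None)."""
    rule = first_matching_rule(urlsplit(url).query)
    return ("403", rule) if rule else ("200", None)

# Constructed samples: one traversal attempt plus ordinary WordPress requests
# (tag archive, search terms, pagination) that the same conditions also reject.
SAMPLES = [
    "https://example.com/?p=123",
    "https://example.com/?s=plain+words&paged=2",
    "https://example.com/?path=../../private",
    "https://example.com/?tag=security",
    "https://example.com/?s=selection",
    "https://example.com/?s=caf%C3%A9",
]

if __name__ == "__main__":
    for url in SAMPLES:
        status, rule = classify(url)
        print(status, url, f"<- {rule}" if rule else "")
```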

  • #77198

    Juan Bon
    Participant

    This took me a while to put together and polish, but I am always improving and updating the rules, and this is the first time I share it.

    I hope it helps many people!!!

    I recommend downloading the compressed archive for easier reading of the rules, etc.

    ...if you need help, don't hesitate to write me at: juanbon2014@gmail.com or juanbon@panrental.com

  • #77199

    Juan Bon
    Participant

    Sharing the link again: http://goo.gl/hJEYGp

    Example of the custom 403 access denied page

    http://i58.tinypic.com/2ii7pf5.jpg

  • #77203

    Juan Bon
    Participant

    Not all rules apply to everyone. Use with care!

    Updated security: http://goo.gl/tnqfBl (23/1/2015 - 1:32 PM)

    Remember that we are always here to learn something new!

    The plugins you should use at the same time:

    1.) block bad queries

    2.) wordpress firewall 2

    3.) stealth login page

    4.) limit login attempts

    5.) cleantalk spam protect (optional) - 15 days free, then 8 dollars per year.

    ...if you apply what I share correctly, the chances of being hacked or having malicious code injected are minimal, but there are 2 important things besides what I explain in the archive: if you are going to create a username and password, make them something that is not easy to remember, and likewise beware of vulnerable plugins and themes, of which there are many. The rest is clearly explained.

    ...Could an administrator correct the title, if it is not too much trouble. Thanks

  • #77206

    Juan Bon
    Participant

    Optimization of the rules added: http://goo.gl/b5cPTV

    Recommended plugins for backup:

    1.) Backupbuddy

    2.) Duplicator

    Tip: after making the backup of your site and downloading it, delete those plugins and all the leftovers and backups, for security reasons.

    You can also make a manual backup of your public.html folder as a zip archive, and do the same with the database every so often. Better safe than sorry.

    Do not use plugins that let you view the database or the wp-config.php file from the WordPress admin, such as:

    "all in one wp security and firewall"

    Greetings from Panamá

  • #77208

    Juan Bon
    Participant

    Updated files: http://goo.gl/OdrrqQ (23/1/2015 - 7:26 PM)

    If you are the only one administering your site and want to prevent others from entering or seeing the login while you are away, just apply this rule in the root .htaccess:

    # Deny access to wp-login.php file
    <Files wp-login.php>
    Order allow,deny
    Deny from all
    </Files>

    ——————————————————-
    You can also do the same with the .htaccess in wp-admin:

    # Deny access to admin.php file
    <Files admin.php>
    Order allow,deny
    Deny from all
    </Files>

    # Deny access to admin-ajax.php file
    <Files admin-ajax.php>
    Order allow,deny
    Deny from all
    </Files>

    To get back in, just disable the rules and put them back when you finish your session. Likewise, with the limit login attempts and stealth login page plugins you control brute-force access attempts.

    I don't recommend changing the login or wp-admin URL...

    Remember to use a custom 403 document.

    List of essential plugins:

    1.) block bad queries
    2.) wordpress firewall 2
    3.) stealth login page
    4.) limit login attempts
    5.) Backupbuddy
    6.) Duplicator
    7.) WordPress seo premium (YOAST)
    8.) smart cleanup tools
    9.) WP super cache (usarlo con cuidado)

    Regards, 🙂

  • #77210

    Juan Bon
    Participant

    Block humans.txt scans with .htaccess

    # block humans.txt scans
    <IfModule mod_rewrite.c>
    RewriteCond %{QUERY_STRING} http\:\/\/www\.google\.com\/humans\.txt\? [NC]
    RewriteRule .* - [F,L]
    </IfModule>

    ——————————————————————

    wp-admin .htaccess security (does not apply to everyone)

    # Disable access to all file types except the following
    Order deny,allow
    Deny from all
    <Files ~ ".(xml|css|js|jpe?g|png|gif)$">
    Allow from all
    </Files>

    # Limit logins and admin by IP
    <Limit GET POST PUT>
    order deny,allow
    deny from all
    allow from xxx.xxx.xxx.xxx
    </Limit>

    # Deny access to admin.php file (only while you are not logged in)
    <Files admin.php>
    Order allow,deny
    Deny from all
    </Files>

    # Deny access to admin-ajax.php file (skip this if you use ajax)
    <Files admin-ajax.php>
    Order allow,deny
    Deny from all
    </Files>

    # Protect the .htaccess
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>

    ———————————————————

    Example of a custom 403.shtml document (Access forbidden)

    <style type="text/css">
    body {
    background-color: #000;
    }
    body,td,th {
    color: #46e73a;
    font-size: 24px;
    }
    </style>
    <p align="center">Tu <!--#echo var="REMOTE_ADDR" --> no tienes autorizacion para hacer eso!!!</p>

    <p align="center">prohibido</p>

    <div align="center">...Acceso Denegado!!! </div>

  • #77211

    Juan Bon
    Participant

    Protect wp-config.php and wp-login.php (does not apply to everyone)

    # Deny access to wp-login.php file (this blocks the login)
    <Files wp-login.php>
    Order allow,deny
    Deny from all
    </Files>

    # Protect the .htaccess
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>

    # Deny access to wp-config.php file
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>

    # Deny access to all .htaccess files
    <files ~ "^.*\.([Hh][Tt][Aa])">
    order allow,deny
    deny from all
    satisfy all
    </files>

    I don't recommend the 6g firewall beta rules in certain cases. Use with care.

    I hope everything written here helps many people.

    Until next time 🙂

The 'Seguridad' forum is closed and no new topics or replies are allowed.
