# SOFTACULOUS Block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC,OR]
RewriteCond %{REQUEST_URI} ^.*wp-json/wp/v2/users(?!/me) [NC]
RewriteRule .* - [F,L]
# SOFTACULOUS Block author scans End

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# SOFTACULOUS Block xmlrpc
<files xmlrpc.php>
	Require all denied
</files>
# SOFTACULOUS Block xmlrpc End

# SOFTACULOUS Block .htaccess and .htpasswd
<FilesMatch ^(?i:\.ht.*)$>
	Require all denied
</FilesMatch>
# SOFTACULOUS Block .htaccess and .htpasswd End


# SOFTACULOUS Block directory browsing
Options -Indexes
# SOFTACULOUS Block directory browsing End

# SOFTACULOUS Block access sensitive files
<FilesMatch "^.*(((?:wp-config)\.(?:php|bak|swp))|php.ini|\.[hH][tT][aApP].*|((?:error_log|readme|license|changelog|-config|-sample)\.(?:php|md|log|txt|htm|html)))$">
	Require all denied
</FilesMatch>
# SOFTACULOUS Block access sensitive files End

# SOFTACULOUS Enable bot protection
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC]
RewriteRule ^(.*)$ http://no.access/
# SOFTACULOUS Enable bot protection End

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php82” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php82 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit