AudicerStudio
Reputation: 13
Redirect from wp-includes to 404 Error page
My goal is to redirect the user when visit anything in the wp-includes directory to a custom 404 page. I am trying to hide any evidence that I am running WordPress and block out any hackers.
I don't want the default Forbidden message that Apache has setup by default so instead use one of WordPress 404.php templates instead.
I have tried the HTACCESS file method but it affects any css, jpg, and js files. Any help would be nice.
Upvotes: 1
Views: 1330
Answers (1)
Jeff
Reputation: 2433
You should give the wordpress docs a read. They have an entire page on Hardening Wordpress. See the section on Securing wp-includes:
http://codex.wordpress.org/Hardening_WordPress#Securing_wp-includes
# Block the include-only files.
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
# BEGIN WordPress
Upvotes: 1
Related Questions
- redirect 404 page using htaccess
- Wordpress - Force 404 Errors in Htaccess
- Mod Rewrite and 404 redirect
- .htaccess does not redirects to custom 404 page
- PHP 404 not found page with no redirect + include page
- Using standard error 404 instead of wordpress 404 - htaccess
- .htaccess redirect 404 page not found
- redirecting page to 404
- .htaccess rewrite rule redirect to 404 page
- Redirection to 404 pages with .htaccess