Reputation: 53
.htaccess with strange code
So my .htaccess file is looking like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
php_value max_execution_time 1800
# END WordPress
#RewriteCond %{HTTP_USER_AGENT} Firefox\/40\.1
#RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
#RewriteCond %{REQUEST_URI} ^(.*)?xmlrpc\.php(.*)$ [OR]
#RewriteCond %{REQUEST_URI} ^(.*)?wp-admin(.*)$
#RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.121$
#RewriteRule ^(.*)$ - [R=403,L]
SetEnvIfNoCase User-Agent "Firefox/40.1" tool Deny from env=tool
After the # END Wordpress looks pretty strange. I searched google and found that "SetEnvIfNoCase" line shouldn't be there. Is it correct?
Upvotes: 0
Views: 98
Answers (1)
Reputation: 649
Everyone who visits a site leaves behind a trace of how they accessed that website.
For example: Chrome leaves behind Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
Some spam bots (automated programs hackers unleash first, to find vulnerable websites and WordPress installations) leave behind a fake trace. (By the way, this trace is called “user-agent”.)
Apparently, this particular web hosting company has suffered a massive attack from a particular spam bot with fake trace identification (“user-agent”) of “Firefox/40.1”. (Firefox never had such a version.)
All the recommended code does is block access to visits with that particular user-agent.
Upvotes: 2
Related Questions
- Unknown .htaccess code
- What does this .htaccess code mean?
- How to resolve following htaccess code
- Need help understanding contents of a .htaccess file
- Questionable rewrite rule in htaccess file
- what is this htaccess rule actually doing
- What does this htaccess code do?
- Please explain this htaccess file
- what is line in the htaccess doing?
- weird htaccess question