[Topic manually moved to this relevant Topic]
Hello,
I have problems with code:
# BRUTE FORCE LOGIN PAGE PROTECTION # Protects the Login page from SpamBots, HackerBots & Proxies # that use Server Protocol HTTP/1.0 or a blank User Agent RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$ RewriteCond %{HTTP_USER_AGENT} ^$ [OR] RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR] RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$ RewriteRule ^(.*)$ - [F,L]
This code block me from WP login page access. I receive 403 error. I’m using ServerPilot and DigitalOcean VPS and I contacted ServerPilot support and they said this: It won’t work to block HTTP/1.0 requests. So, you should replace these three lines:
RewriteCond %{HTTP_USER_AGENT} ^$ [OR] RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR] RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$ with this one line: RewriteCond %{HTTP_USER_AGENT} ^$
What do you think? Is it ok to replace this three lines with this one?