[Topic manually moved to this relevant Topic]
Hello,
I have problems with code:
# BRUTE FORCE LOGIN PAGE PROTECTION
# Protects the Login page from SpamBots, HackerBots & Proxies
# that use Server Protocol HTTP/1.0 or a blank User Agent
RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
RewriteRule ^(.*)$ - [F,L]
This code block me from WP login page access. I receive 403 error. I’m using ServerPilot and DigitalOcean VPS and I contacted ServerPilot support and they said this: It won’t work to block HTTP/1.0 requests. So, you should replace these three lines:
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
with this one line:
RewriteCond %{HTTP_USER_AGENT} ^$
What do you think? Is it ok to replace this three lines with this one?
- This reply was modified 8 hours, 19 minutes ago by AITpro Admin.