在php层只能添加这么多安全性。要获得更高的安全性,请修改。htaccess文件,禁用目录浏览,禁用XML-RPC,并拒绝访问特定于WP的文件。
<files .htaccess>
Order allow,deny
Deny from all
</files>
<files readme.html>
Order allow,deny
Deny from all
</files>
<files readme.txt>
Order allow,deny
Deny from all
</files>
<files install.php>
Order allow,deny
Deny from all
</files>
<files wp-config.php>
Order allow,deny
Deny from all
</files>
# Rules to disable XML-RPC
<files xmlrpc.php>
Order allow,deny
Deny from all
</files>
# Rules to disable directory browsing
Options -Indexes
不要/毕竟,pxs/wp内容/上传/打开到web。如果您上传了一份包含重要细节或其他内容的合同,该怎么办
禁止黑客修理。您的com黑名单。htaccess文件也是一个好主意。下面是它的开头:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Acunetix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^binlar [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Bolt\\ 0 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\\ mailto:craftbot\\@yahoo\\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BOT\\ for\\ JCE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^casper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^checkprivacy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
