Dahu73
Forum Replies Created
-
oups
Can I add a rule like this ?
RewriteRule ^(/actualite/)?wp-login?$ /actualite/
dwinden,
https://www.domain.com/actualite/tagadac work fine
so SSL is well enabled, and the slug work fine.I have no rewrite rule in my apache SSL conf about wp-login.
My only pb is
https://www.domain.com/actualite/wp-login
or
https://www.domain.com/actualite/wp-login/don’t redirect to
https://www.domain.com/actualite/tagadacCan I add a rule like this ?
RewriteRule ^(/actualite/)?wp-login?$ /actualite/tagadac
Thanks for your response.
I give you my htaccess file below :# BEGIN iThemes Security # BEGIN Hide Backend # Rules to hide the dashboard RewriteRule ^(/actualite/)?tagadac/?$ /actualite/wp-login.php [QSA,L] # END Hide Backend # BEGIN Tweaks # Rules to block access to WordPress specific files <files .htaccess> Order allow,deny Deny from all </files> <files readme.html> Order allow,deny Deny from all </files> <files readme.txt> Order allow,deny Deny from all </files> <files install.php> Order allow,deny Deny from all </files> <files wp-config.php> Order allow,deny Deny from all </files> # Rules to disable XML-RPC <files xmlrpc.php> Order allow,deny Deny from all </files> # Rules to disable directory browsing Options -Indexes <IfModule mod_rewrite.c> RewriteEngine On # Rules to protect wp-includes RewriteRule ^wp-admin/includes/ - [F] RewriteRule !^wp-includes/ - [S=3] RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php RewriteRule ^wp-includes/[^/]+\.php$ - [F] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F] RewriteRule ^wp-includes/theme-compat/ - [F] # Rules to prevent php execution in uploads RewriteRule ^(.*)/uploads/(.*).php(.?) - [F] # Rules to block unneeded HTTP methods RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC] RewriteRule ^(.*)$ - [F] # Rules to block suspicious URIs RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR] RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR] RewriteCond %{QUERY_STRING} etc/passwd [NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC] RewriteCond %{QUERY_STRING} !^loggedout=true RewriteCond %{QUERY_STRING} !^action=jetpack-sso RewriteCond %{QUERY_STRING} !^action=rp RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteCond %{HTTP_REFERER} !^https://maps\.googleapis\.com(.*)$ RewriteRule ^(.*)$ - [F] </IfModule> # END Tweaks # END iThemes Security # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /actualite/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /actualite/index.php [L] </IfModule> # END WordPressHi,
Thanks for your help. I give you some response below
>> Are you referring to /wp-login or /wp-login.php ?
https://www.domain.com/wp-login
https://www.domain.com/wp-login/
this 2 URL still allows access to the WP login screenbut it work for :
https://www.domain.com/wp-login.php => produce a 404>>make sure the “Enable the hide backend feature” checkbox is ticked
It’s ok>> Are you using any caching plugin ?
No. I’m on a preprod server>> Have you already tried clearing the browser cache ?
Yes. Local cache is clear.>> Also confirm you are using iTSec 4.5.10 (or higher) in WP 4.1
Version 4.6.2 in WP 4.1>>If possible please provide me with your URL.
Sorry. Not possible : not accessible form external