# BEGIN NinjaFirewall
<IfModule Litespeed>
   php_value auto_prepend_file "/home/galapago/public_html/wp-content/nfwlog/ninjafirewall.php"
</IfModule>
# END NinjaFirewall

# SOFTACULOUS Block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC,OR]
RewriteCond %{REQUEST_URI} ^.*wp-json/wp/v2/(users) [NC]
RewriteRule .* - [F]
# SOFTACULOUS Block author scans End


# BEGIN WordPress
# Las directivas (líneas) entre «BEGIN WordPress» y «END WordPress» son
# generadas dinámicamente y solo deberían ser modificadas mediante filtros de WordPress.
# Cualquier cambio en las directivas que hay entre esos marcadores serán sobrescritas.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
# SOFTACULOUS Block xmlrpc
<files xmlrpc.php>
	Require all denied
</files>
# SOFTACULOUS Block xmlrpc End

# SOFTACULOUS Block .htaccess and .htpasswd
<FilesMatch ^(?i:\.ht.*)$>
	Require all denied
</FilesMatch>
# SOFTACULOUS Block .htaccess and .htpasswd End

# SOFTACULOUS Block directory browsing
Options -Indexes
# SOFTACULOUS Block directory browsing End

# SOFTACULOUS Block access sensitive files
<FilesMatch "^.*(((?:wp-config)\.(?:php|bak|swp))|php.ini|\.[hH][tT][aApP].*|((?:error_log|readme|license|changelog|-config|-sample)\.(?:php|md|log|txt|htm|html)))$">
	Require all denied
</FilesMatch>
# SOFTACULOUS Block access sensitive files End

# SOFTACULOUS Enable bot protection
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC]
RewriteRule ^(.*)$ http://no.access/
# SOFTACULOUS Enable bot protection End

# Wordfence WAF
<IfModule LiteSpeed>
php_value auto_prepend_file '/home/galapago/public_html/wordfence-waf.php'
</IfModule>
<IfModule lsapi_module>
php_value auto_prepend_file '/home/galapago/public_html/wordfence-waf.php'
</IfModule>
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>

# END Wordfence WAF


<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 194.127.167.90
deny from 134.17.14.122
deny from 93.166.103.102
deny from 172.241.37.71
deny from 82.223.39.181
deny from 31.210.51.253
deny from 159.89.158.67
deny from 176.123.10.50
deny from 35.150.152.126
deny from 205.185.123.102
deny from 43.202.61.29
deny from 34.141.151.163
deny from 34.34.17.27
deny from 66.175.44.53
deny from 52.187.212.84
deny from 164.90.171.162
deny from 34.90.199.112
deny from 185.88.154.204
deny from 5.56.132.109
deny from 167.71.233.39
deny from 34.90.229.81
deny from 52.90.19.175
deny from 103.177.150.17
deny from 18.221.250.24
deny from 35.164.188.238
deny from 13.79.236.237
deny from 212.11.64.160
deny from 185.241.208.215
deny from 34.229.195.160
deny from 167.99.158.223
deny from 134.17.14.12
