
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   #php_flag display_errors Off
   #php_value max_execution_time 90
   #php_value max_input_time 60
   #php_value max_input_vars 1000
   #php_value memory_limit 256M
   #php_value post_max_size 128M
   #php_value session.gc_maxlifetime 1440
   #php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
   #php_value upload_max_filesize 100M
   #php_flag zlib.output_compression On
</IfModule>
<IfModule lsapi_module>
   #php_flag display_errors Off
   #php_value max_execution_time 90
   #php_value max_input_time 60
   #php_value max_input_vars 1000
   #php_value memory_limit 256M
   #php_value post_max_size 128M
   #php_value session.gc_maxlifetime 1440
   #php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
   #php_value upload_max_filesize 100M
   #php_flag zlib.output_compression On
</IfModule>
# END cPanel-generated php ini directives, do not edit

# SOFTACULOUS Block xmlrpc
<files xmlrpc.php>
	Require all denied
</files>
# SOFTACULOUS Block xmlrpc End

# SOFTACULOUS Block .htaccess and .htpasswd
<FilesMatch ^(?i:\.ht.*)$>
	Require all denied
</FilesMatch>
# SOFTACULOUS Block .htaccess and .htpasswd End

# SOFTACULOUS Block author scans
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
# SOFTACULOUS Block author scans End

# SOFTACULOUS Block directory browsing
Options -Indexes
# SOFTACULOUS Block directory browsing End

# SOFTACULOUS Block access sensitive files
<FilesMatch "^.*(((?:wp-config)\.(?:php|bak|swp))|php.ini|\.[hH][tT][aApP].*|((?:error_log|readme|license|changelog|-config|-sample)\.(?:php|md|log|txt|htm|html)))$">
	Require all denied
</FilesMatch>
# SOFTACULOUS Block access sensitive files End

# SOFTACULOUS Enable bot protection
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} (?:virusbot|spambot|evilbot|acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests) [NC]
RewriteRule ^(.*)$ http://no.access/
# SOFTACULOUS Enable bot protection End
