One Hat Cyber Team
Your IP :
3.15.27.146
Server IP :
104.21.7.16
Server :
Linux server3.shared.spaceship.host 4.18.0-372.9.1.1.lve.el8.x86_64 #1 SMP Tue May 24 07:49:22 EDT 2022 x86_64
Server Software :
LiteSpeed
PHP Version :
8.2.28
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
rlcugxuggt
/
dafriappsdev.com
/
Edit File:
.htaccess.bk
# BEGIN HMWP_VULNERABILITY <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_URI} !/wp-admin [NC] RewriteCond %{QUERY_STRING} ^author=\d+ [NC] RewriteRule ^(.*)$ - [L,R=404] </IfModule> <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REMOTE_ADDR} ^35.214.130.87$ [NC,OR] RewriteCond %{REMOTE_ADDR} ^192.185.4.40$ [NC,OR] RewriteCond %{REMOTE_ADDR} ^15.235.50.223$ [NC,OR] RewriteCond %{REMOTE_ADDR} ^172.105.48.130$ [NC,OR] RewriteCond %{REMOTE_ADDR} ^167.99.233.123$ [NC,OR] RewriteCond %{HTTP_USER_AGENT} (wpthemedetector|builtwith|isitwp|wapalyzer|mShots|WhatCMS|gochyu|wpdetector|scanwp) [NC] RewriteRule ^(.*)$ - [L,R=404] </IfModule> <IfModule mod_headers.c> Header always unset x-powered-by Header always unset server ServerSignature Off </IfModule> <IfModule mod_headers.c> Header set Strict-Transport-Security "max-age=15768000;includeSubdomains" Header set Content-Security-Policy "object-src 'none'" Header set X-XSS-Protection "1; mode=block" </IfModule> <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_|hmwp_logged_in_) [NC] RewriteCond %{REQUEST_URI} ^/wp-content/?$ [NC,OR] RewriteCond %{REQUEST_URI} ^/wp-content/[^\.]+/?$ [NC,OR] RewriteCond %{THE_REQUEST} /wp-includes/?$ [NC,OR] RewriteCond %{THE_REQUEST} /wp-content/plugins/[^\.]+(\.php|\.htm|\.html|\.rtf|\.rtx|\.txt|\.lock) [NC,OR] RewriteCond %{THE_REQUEST} /wp-content/themes/[^\.]+(\.php|\.htm|\.html|\.rtf|\.rtx|\.txt|\.lock) [NC,OR] RewriteCond %{THE_REQUEST} /wp-content/uploads/[^\.]+(\.php|\.htm|\.html|\.rtf|\.rtx|\.txt|\.lock) [NC,OR] RewriteCond %{THE_REQUEST} /wp-includes/[^\.]+(\.php|\.htm|\.html|\.rtf|\.rtx|\.txt|\.lock) [NC,OR] RewriteCond %{THE_REQUEST} /([_0-9a-zA-Z-]+/)?(wp-config-sample\.php|readme\.html|readme\.txt|install\.php|license\.txt|php\.ini|bb-config\.php|error_log|debug\.log) [NC] RewriteRule ^(.*)$ - [L,R=404] </IfModule> <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_URI} /(wp-config-sample\.php|readme\.html|readme\.txt|install\.php|license\.txt|php\.ini|bb-config\.php|error_log|debug\.log) [NC] RewriteRule ^(.*)$ - [L,R=404] </IfModule> # END HMWP_VULNERABILITY # BEGIN HMWP_RULES <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^([_0-9a-zA-Z-]+/)?ajax-call$ /wp-admin/admin-ajax.php [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?ghost-admin/(.*) /wp-admin/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?ghost-login$ /wp-login.php [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?ghost-login/(.*) /wp-login.php$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?lostpass$ /wp-login.php?action=lostpassword [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?register$ /wp-login.php?action=register [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?disconnect$ /wp-login.php?action=logout [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/788a5416df/(.*) /wp-content/plugins/advanced-google-recaptcha/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/e39123425b/(.*) /wp-content/plugins/all-in-one-wp-migration/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/62d794db35/(.*) /wp-content/plugins/before-after-image-comparison-slider-for-elementor/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/229158440e/(.*) /wp-content/plugins/tuxedo-big-file-uploads/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/64661b86c7/(.*) /wp-content/plugins/woo-checkout-field-editor-pro/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/c30cd9ec18/(.*) /wp-content/plugins/woocommerce-checkout-field-editor-pro/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/3c9a20505c/(.*) /wp-content/plugins/woolementor/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/8516d2654f/(.*) /wp-content/plugins/contact-form-7/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/9f317f697d/(.*) /wp-content/plugins/contact-form-7-simple-recaptcha/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/7e4609f00f/(.*) /wp-content/plugins/cookie-law-info/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/f65f29574d/(.*) /wp-content/plugins/elementor/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/ccc473c329/(.*) /wp-content/plugins/elementor-pro/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/ded0dced2e/(.*) /wp-content/plugins/image-optimization/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/7af5317b03/(.*) /wp-content/plugins/limit-login-attempts-reloaded/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/966a9fe7d2/(.*) /wp-content/plugins/litespeed-cache/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/feaa71ed59/(.*) /wp-content/plugins/loginizer/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/8c6b2640d1/(.*) /wp-content/plugins/mailchimp-for-wp/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/730989126b/(.*) /wp-content/plugins/modern-comparison-slider/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/dcaa413758/(.*) /wp-content/plugins/product-import-export-for-woo/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/f73730c2cd/(.*) /wp-content/plugins/seo-by-rank-math/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/f1cef74f41/(.*) /wp-content/plugins/seo-by-rank-math-pro/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/f5fee5c6aa/(.*) /wp-content/plugins/safe-svg/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/423793c441/(.*) /wp-content/plugins/revslider-6.7.27/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/e9b510ef11/(.*) /wp-content/plugins/image-sizes/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/9b94c2607f/(.*) /wp-content/plugins/unlimited-elements-for-elementor-premium/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/39d10ee62c/(.*) /wp-content/plugins/woocommerce/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/560c75dc15/(.*) /wp-content/plugins/woocommerce-paypal-payments/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/52933b399d/(.*) /wp-content/plugins/woocommerce-gateway-stripe/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/bda9c184df/(.*) /wp-content/plugins/woodmart-core/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/067a15d05a/(.*) /wp-content/plugins/wpforms-lite/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/d0f4711431/(.*) /wp-content/plugins/hide-my-wp/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/modules/(.*) /wp-content/plugins/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/views/333853c80f/design.css$ /wp-content/themes/woodmart/style.css [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/views/333853c80f/(.*) /wp-content/themes/woodmart/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/views/(.*) /wp-content/themes/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?storage/(.*) /wp-content/uploads/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?core/(.*) /wp-content/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?lib/(.*) /wp-includes/$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?comments/(.*) /wp-comments-post.php$2 [QSA,L] RewriteRule ^([_0-9a-zA-Z-]+/)?writer/(.*) /author/$2 [QSA,L] </IfModule> # END HMWP_RULES # BEGIN SpeedyCacheheaders FileETag None <IfModule mod_headers.c> Header unset ETag </IfModule> <FilesMatch "\.(html)$"> <IfModule mod_headers.c> Header set x-speedycache-source "Server" Header set Cache-Tag "dafriappsdev.com" Header set CDN-Cache-Control "max-age=1296000" Header set Cache-Control "public" Header unset Pragma Header unset Last-Modified </IfModule> </FilesMatch> <FilesMatch "\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$"> <IfModule mod_headers.c> Header unset Pragma Header set Cache-Control "public" </IfModule> </FilesMatch> # END SpeedyCacheheaders # BEGIN Gzipspeedycache <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE font/otf AddOutputFilterByType DEFLATE font/ttf AddOutputFilterByType DEFLATE font/woff AddOutputFilterByType DEFLATE font/woff2 AddOutputFilterByType DEFLATE text/js AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font AddOutputFilterByType DEFLATE application/x-font-opentype AddOutputFilterByType DEFLATE application/x-font-otf AddOutputFilterByType DEFLATE application/x-font-truetype AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/font-woff2 AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/rss+xml </IfModule> # END Gzipspeedycache # BEGIN LBCspeedycache <IfModule mod_expires.c> ExpiresActive on ExpiresDefault A0 ExpiresByType text/css A31536000 ExpiresByType text/javascript A31536000 ExpiresByType font/ttf A31536000 ExpiresByType font/otf A31536000 ExpiresByType font/woff A31536000 ExpiresByType font/woff2 A31536000 ExpiresByType image/jpg A31536000 ExpiresByType image/jpeg A31536000 ExpiresByType image/png A31536000 ExpiresByType image/gif A31536000 ExpiresByType image/webp A31536000 ExpiresByType image/x-icon A31536000 ExpiresByType image/svg+xml A31536000 ExpiresByType image/vnd.microsoft.icon A31536000 ExpiresByType video/ogg A31536000 ExpiresByType video/mp4 A31536000 ExpiresByType video/webm A31536000 ExpiresByType audio/ogg A31536000 ExpiresByType application/pdf A31536000 ExpiresByType application/javascript A31536000 ExpiresByType application/x-javascript A31536000 ExpiresByType application/x-font-ttf A31536000 ExpiresByType application/x-font-woff A31536000 ExpiresByType application/font-woff A31536000 ExpiresByType application/font-woff2 A31536000 ExpiresByType application/vnd.ms-fontobject A31536000 </IfModule> # END LBCspeedycache # BEGIN WEBPspeedycache <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_ACCEPT} image/webp RewriteCond %{REQUEST_FILENAME} \.(jpe?g|png|gif)$ RewriteCond %{DOCUMENT_ROOT}/$1.webp -f RewriteRule ^(.+)\.(jpe?g|png|gif)$ $1.webp [T=image/webp,L] </IfModule> <IfModule mod_headers.c> Header append Vary Accept env=REDIRECT_accept </IfModule> AddType image/webp .webp # END WEBPspeedycache # BEGIN speedycache <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_METHOD} GET RewriteCond %{HTTP_USER_AGENT} !(Mediatoolkitbot|facebookexternalhit|SpeedyCacheCCSS) RewriteCond %{QUERY_STRING} ="" RewriteCond %{HTTP:Cookie} !(comment_author_|wordpress_logged_in_) RewriteCond %{REQUEST_URI} !(\/){2}$ RewriteCond %{REQUEST_URI} !^/(wp-(?:admin|login|register|comments-post|cron|json))/ [NC] RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/speedycache/%{HTTP_HOST}/all%{REQUEST_URI}/index.html -f RewriteRule ^(.*) /wp-content/cache/speedycache/%{HTTP_HOST}/all%{REQUEST_URI}/index.html [L] </IfModule> # END speedycache # BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. <IfModule mod_rewrite.c> RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress # BEGIN Security Block # Block the include-only files. <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] </IfModule> # Disable directory listing Options All -Indexes # Remove header with PHP version Header always unset X-Powered-By Header unset X-Powered-By # END Security Block # BEGIN LiteSpeed # The directives (lines) between "BEGIN LiteSpeed" and "END LiteSpeed" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. <IfModule Litespeed> SetEnv noabort 1 </IfModule> # END LiteSpeed
Simpan