Custom htaccess for wordpress with CF and Flexible SSL?


#1

Hi
Is there any custom wordpress htaccess code prevents attackers which compatible with Cloudflare and Flexible SSl?


#2

What are you trying to stop? To stop direct access, I made sure I had IP Geolocation turned on in Cloudflare’s Network tab, then added the following to .htaccess:

RewriteEngine On 
RewriteCond %{HTTP:CF-IPCountry} ^$
RewriteRule ^ - [F,L]

If a visitor came directly to my IP address, it would see they didn’t have the IPCountry header and rewrite the URL to null and not load the site.


#3

I try to build a cloudflare compatible htaccess file which prevents from sql injections and other hacking attempts.

Can I add codes on this guideline: https://premium.wpmudev.org/blog/htaccess/ ?


#4

Sure, Cloudflare is pretty transparent in this regard.

Though it’d be easier just to install a security plugin like Wordfence.


#5

The point is I dont want to install a plugin. I just wanna use secure htaccess rules which is compatible with cloudflare.


#6

Hi vpd, you might want to take a look at the 6G firewall, a free set of htaccess rules by Jeff Starr of Perishable Press
https://perishablepress.com/6g/