evil_host_trap_wp.conf

#By Josef Meile <jmeile@hotmail.com> @ June, 2019

#Here I will block common WordPress vulnerabilities, ie: access to the
#xmlrpc.php file, which can be used by some plugins, but it is advisable to
#disable it if you don't need it.

#Make sure to include this file after your CustomLog directive; otherwise the
#request of the blocked host won't be registered into the apache's log file

#For use instructions, see the evil_host_trap_init.conf file.

#Conditions for WordPress websites. Here you can add more rules by adding
#the [OR] operator at the end

#The following two lines will be using to block the access to the wp-login.php
#file. This can be enabled if you have a plugin to hide the login page, ie:
#iThemes Security plugin. Also make sure that you whitelist your ip. In case of
#iThemes, the login page will be rewritten to: wp-login.php?query_string after
#the user enters the hidden login slug, so, the first line will check if the
#query string is empty; if so, this means that some host tried to access it
#directly.
#RewriteCond %{QUERY_STRING} ^$
#RewriteCond %{REQUEST_URI} ^(.*)wp-login.php(.*)$ [NC,OR]

#This assumes that you aren't using xmlrpc.php in your WordPress. If you have
#it enabled, then comment the next line
RewriteCond %{REQUEST_URI} ^(.*)xmlrpc(.*)$ [NC]