我有一个wordpress多站点,并且我们有一个生产线开发人员。我试图禁止从除my-beta-site.com以外的所有其他域对wp-login.php和wp-admin目录的所有访问。我在使用wordpress中的自定义404页面时无法解决此问题。我感觉到我在.htaccess中的订单导致此问题,并且我可能未正确应用重写规则。我花了很多时间来使它与https重定向一起很好地工作(这导致403与404无限循环)。我当前的解决方案正在运行,但是即使与指定的域不匹配,它也会破坏wp-admin目录中的自定义404页面。我想解决这个问题。
当前代码违反了自定义404
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# if it is not for domain gapbeta.org then block it
RewriteCond %{HTTP_HOST} !^(.*)?my-beta-site\.com [NC]
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin/(.*)?$
RewriteRule . - [R=404]
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
原始htaccess,无需添加
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]