Regular Expressions 101

Community Patterns

Community Library Entry

1

Regular Expression
PCRE2 (PHP >=7.3)

/
(?!.*(?:this|and|that))(wp-(.*)|xmlrpc)\.php$
/
gm

Description

Secure Apache WordPress Root Directory using your Apache vhost config file instead of .htaccess by using this RegEx for file-name exclusions' i.e. (wp-activate|wp-mail|wp-signup) and {wp-} for all WordPress root files' starting with {wp-}.

Excluding wp-activate.php, wp-signup.php and wp-mail.php from Apaches' FileMatch denied 403 Forbidden Access response.

<Directory /var/www/wordpress/>
	<FilesMatch "(?!.*(?:wp-activate|wp-signup|wp-mail))(wp-(.*)|xmlrpc)\.php$">
		Require all denied
	</FilesMatch>
</Directory>

Excluding none (the word none is just RegEx place holder) from Apaches' FileMatch denied 403 Forbidden Access response.

<Directory /var/www/wordpress/>
	<FilesMatch "(?!.*(?:none))(wp-(.*)|xmlrpc)\.php$">
		Require all denied
	</FilesMatch>
</Directory>
Submitted by Scæntią - 3 months ago (Last modified 3 months ago)