# BEGIN iThemes Security - Do not modify or remove this line
# iThemes Security Config Details: 2
	# Ban Hosts - Security > Settings > Banned Users
	SetEnvIF REMOTE_ADDR "^135\.125\.27\.229$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^135\.125\.27\.229$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^135\.125\.27\.229$" DenyAccess

	SetEnvIF REMOTE_ADDR "^51\.89\.205\.195$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^51\.89\.205\.195$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^51\.89\.205\.195$" DenyAccess

	SetEnvIF REMOTE_ADDR "^20\.51\.186\.1$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^20\.51\.186\.1$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^20\.51\.186\.1$" DenyAccess

	SetEnvIF REMOTE_ADDR "^3\.81\.3\.41$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^3\.81\.3\.41$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^3\.81\.3\.41$" DenyAccess

	<IfModule mod_authz_core.c>
		<RequireAll>
			Require all granted
			Require not env DenyAccess
			Require not ip 135.125.27.229
			Require not ip 51.89.205.195
			Require not ip 20.51.186.1
			Require not ip 3.81.3.41
		</RequireAll>
	</IfModule>
	<IfModule !mod_authz_core.c>
		Order allow,deny
		Allow from all
		Deny from env=DenyAccess
		Deny from 135.125.27.229
		Deny from 51.89.205.195
		Deny from 20.51.186.1
		Deny from 3.81.3.41
	</IfModule>

	# Protect System Files - Security > Settings > System Tweaks > System Files
	<files .htaccess>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files readme.html>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files readme.txt>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files wp-config.php>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>

	# Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing
	Options -Indexes

	<IfModule mod_rewrite.c>
		RewriteEngine On

		# Protect System Files - Security > Settings > System Tweaks > System Files
		RewriteRule ^wp-admin/install\.php$ - [F]
		RewriteRule ^wp-admin/includes/ - [F]
		RewriteRule !^wp-includes/ - [S=3]
		RewriteRule ^wp-includes/[^/]+\.php$ - [F]
		RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
		RewriteRule ^wp-includes/theme-compat/ - [F]
		RewriteCond %{REQUEST_FILENAME} -f
		RewriteRule (^|.*/)\.(git|svn)/.* - [F]
	</IfModule>
# END iThemes Security - Do not modify or remove this line

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>

# BEGIN WordPress
# Les directives (lignes) entre « BEGIN WordPress » et « END WordPress » sont générées
# dynamiquement, et doivent être modifiées uniquement via les filtres WordPress.
# Toute modification des directives situées entre ces marqueurs sera surchargée.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>

# END Wordfence WAF
