不幸的是我的wp-login.php的保护不再起作用:
<Files wp-login.php> AuthName "Forbidden access" Require ip 1xx.xxx.xx.x/24 </Files> 这是Apache的信息:
Server version: Apache/2.4.10 (Debian) Server built: Aug 28 2015 16:28:08
错误日志没有显示任何内容:-(
如果你想添加authentication:
<Location ~ "wp-login.php"> AuthName "Auth Name You Want" AuthType Basic AuthUserFile /opt/web/.htpasswd Require valid-user </Location>
要么
<Files "wp-login.php"> AuthName "Auth Name You Want" AuthType Basic AuthUserFile /opt/web/.htpasswd Require valid-user </Files>
来源: https : //httpd.apache.org/docs/2.4/mod/mod_auth_basic.html
如果你想只允许一个IP
<Location ~ "wp-login.php"> Require ip wxyz </Location>
要么
<Files "wp-login.php"> Require ip wxyz </Files>
来源: https : //httpd.apache.org/docs/2.4/fr/howto/access.html
有关信息,这个语法不再在apache 2.4上使用
order allow,deny allow from all
它已被replace
Require all granted
来源: https : //httpd.apache.org/docs/2.4/fr/howto/access.html
如果您想在.htaccess中添加身份validation+ IP限制
<Files "wp-login.php"> <RequireAll> AuthName "Auth Name You Want" AuthType Basic AuthUserFile /opt/web/.htpasswd Require valid-user Require ip wxyz/24 </RequireAll> </Files>
我正在考虑你的IP掩码是正确的
有关RequireAll信息: https : RequireAll
我得到了与Apache 2.4相同的问题,我的解决scheme是这样的:
<Files wp-login.php> AuthName "Forbidden access" Order Allow,Deny Allow from all </Files> Allow from 1xx.xxx.xx.x/24 Deny from all