# BEGIN iThemes Security - Do not modify or remove this line
# iThemes Security Config Details: 2
# Ban Hosts - Security > Settings > Banned Users
SetEnvIF REMOTE_ADDR "^80\.233\.53\.172$" DenyAccess
SetEnvIF X-FORWARDED-FOR "^80\.233\.53\.172$" DenyAccess
SetEnvIF X-CLUSTER-CLIENT-IP "^80\.233\.53\.172$" DenyAccess
SetEnvIF REMOTE_ADDR "^107\.189\.11\.111$" DenyAccess
SetEnvIF X-FORWARDED-FOR "^107\.189\.11\.111$" DenyAccess
SetEnvIF X-CLUSTER-CLIENT-IP "^107\.189\.11\.111$" DenyAccess
Order allow,deny
Allow from all
Deny from env=DenyAccess
Deny from 80.233.53.172
Deny from 107.189.11.111
# Protect System Files - Security > Settings > System Tweaks > System Files
Order allow,deny
Deny from all
Order allow,deny
Deny from all
Order allow,deny
Deny from all
Order allow,deny
Deny from all
# Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing
Options -Indexes
RewriteEngine On
# Protect System Files - Security > Settings > System Tweaks > System Files
RewriteRule ^wp-admin/install\.php$ - [F]
RewriteRule ^wp-admin/includes/ - [F]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
RewriteRule ^wp-includes/theme-compat/ - [F]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (^|.*/)\.(git|svn)/.* - [F]
# Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads
RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
# Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins
RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
# Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes
RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
# END iThemes Security - Do not modify or remove this line
# BEGIN HMWP_RULES
RewriteEngine On
RewriteRule ^([0-9a-zA-Z_-]+/)?hopeland-kp$ /wp-login.php [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?hopeland-kp/(.*) /wp-login.php$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?lostpass$ /wp-login.php?action=lostpassword [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?register$ /wp-login.php?action=register [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/e39123425b/(.*) /wp-content/plugins/all-in-one-wp-migration/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/ccc473c329/(.*) /wp-content/plugins/elementor-pro/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/f65f29574d/(.*) /wp-content/plugins/elementor/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/ee3d367a9e/(.*) /wp-content/plugins/elementskit-lite/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/f259196a9c/(.*) /wp-content/plugins/envato-elements/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/9097659473/(.*) /wp-content/plugins/essential-addons-for-elementor-lite/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/1a60a0f6ed/(.*) /wp-content/plugins/google-site-kit/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/19264a84a8/(.*) /wp-content/plugins/header-footer-elementor/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/d0f4711431/(.*) /wp-content/plugins/hide-my-wp/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/b7b83e499b/(.*) /wp-content/plugins/jeg-elementor-kit/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/9e697a2d5d/(.*) /wp-content/plugins/metform/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/1bf253af02/(.*) /wp-content/plugins/revslider-1/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/dccac82750/(.*) /wp-content/plugins/royal-elementor-addons/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/882eb7ffb0/(.*) /wp-content/plugins/squirrly-seo/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/f9c7f63a6a/(.*) /wp-content/plugins/wordpress-seo/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/16703e7d38/(.*) /wp-content/plugins/wp-reviews-plugin-for-google/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/1d87eda4bb/(.*) /wp-content/plugins/wp-whatsapp-chat/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/modules/(.*) /wp-content/plugins/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/views/9dbb40d076/design.css$ /wp-content/themes/astra/style.css [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/views/9dbb40d076/(.*) /wp-content/themes/astra/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/views/51a12ba5b2/design.css$ /wp-content/themes/twentytwentyfour/style.css [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/views/51a12ba5b2/(.*) /wp-content/themes/twentytwentyfour/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/views/(.*) /wp-content/themes/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?storage/(.*) /wp-content/uploads/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?core/(.*) /wp-content/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?lib/(.*) /wp-includes/$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?comments/(.*) /wp-comments-post.php$2 [QSA,L]
RewriteRule ^([0-9a-zA-Z_-]+/)?writer/(.*) /author/$2 [QSA,L]
# END HMWP_RULES
# BEGIN HMWP_VULNERABILITY
Header always unset x-powered-by
Header always unset server
ServerSignature Off
Header set Strict-Transport-Security "max-age=15768000;includeSubdomains"
Header set Content-Security-Policy "object-src 'none'"
Header set X-XSS-Protection "1; mode=block"
# END HMWP_VULNERABILITY
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
# BEGIN LiteSpeed
# The directives (lines) between "BEGIN LiteSpeed" and "END LiteSpeed" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
SetEnv noabort 1
# END LiteSpeed
# BEGIN WP-Optimize Gzip compression
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddType application/vnd.ms-fontobject .eot
AddType font/ttf .ttf
AddType font/otf .otf
AddType font/x-woff .woff
AddType image/svg+xml .svg
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-font-woff
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE font/woff
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
# END WP-Optimize Gzip compression