# ----------------------------------------------------------------------
# Security: Block access to backup and source files
# ----------------------------------------------------------------------
<FilesMatch "(\.(bak|config|sql|md|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
  	Order allow,deny
  	Deny from all
  	Satisfy All
</FilesMatch>


# ----------------------------------------------------------------------
# Security: Hardening headers
# ----------------------------------------------------------------------
<IfModule mod_headers.c>
	Header set X-XSS-Protection "1; mode=block"
	Header always append X-Frame-Options SAMEORIGIN
	Header set X-Content-Type-Options nosniff
</IfModule>


# ----------------------------------------------------------------------
# Security: Block XMLRPC as it is deprecated
# ----------------------------------------------------------------------
<Files xmlrpc.php>
    Order Allow,Deny
    Deny from all
</Files>


# ----------------------------------------------------------------------
# Security: Redirect author=n scans to prevent user enumeration
# ----------------------------------------------------------------------
<IfModule mod_rewrite.c>
	RewriteCond %{QUERY_STRING} author=([0-9]*) [NC]
	RewriteRule .* https://example.com/? [L,R=301]
</IfModule>