0

I need htaccess rewrite to block request if don't have GET=action or POST=action.

If somebody run 

 example.com/wp-admin/admin-ajax.php

then he will see error 404.

I think that this should have rewrite could, but I don't know how this work:

  RewriteRule ^wp-admin/admin-ajax.php$ index.php [L,QSA]
Improve this question
3
  • GET=action or POST=action? What do you mean? Commented Apr 2, 2015 at 7:44
  • 2
    The other question is: Why? admin-ajax.php without a registered action returns 0. Why do you want to "block" it? Commented Apr 2, 2015 at 7:59
  • if somebody run example.com/wp-admin/admin-ajax.php then it should see 404 error. Only request with param "action" and ajax requests should be acceptance. Commented Apr 2, 2015 at 9:18

2 Answers 2

Reset to default
5

Is your wp-admin folder protected by .htaccess?

You need a whitelist like this (inside the wp-admin folder):

# Allow access to wp-admin/admin-ajax.php
<Files admin-ajax.php>
    Order allow,deny
    Allow from all
    Satisfy any
</Files>

whitelisted-admin-ajax-htaccess

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You don't specify why you want to do this, but I can't think of a good reason to.

If you're worried about security (a) don't be, (b) protecting it this way isn't going to help you.

Nor will doing this make any difference to server load.

If it's showing in search results for some reason (not that I've ever seen that happen), just add it to your robots.txt file or use Google Webmaster Tools.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.