ensure that this only works in the root directory

author: mh <mh@immerda.ch> 2014-04-29 15:13:02 +0200
committer: mh <mh@immerda.ch> 2014-04-29 15:13:02 +0200
commit: b407de3da9e9cf265bfb6b392f3a331eaaf0ef3b (patch)
tree: a9755f15f029d4ecaf2e50c19d9a8696786f5f05 /templates
parent: ccf10e2a2831141472d2c71ada7c29d8834bb072 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/templates/vhosts/php_wordpress/partial.erb b/templates/vhosts/php_wordpress/partial.erb
index 7b07f21..5e6ebd5 100644
--- a/templates/vhosts/php_wordpress/partial.erb
+++ b/templates/vhosts/php_wordpress/partial.erb
@@ -9,11 +9,11 @@
   # http://www.frameloss.org/2013/04/26/even-easier-brute-force-login-protection-for-wordpress/
   RewriteEngine On
   RewriteCond %{HTTP_COOKIE} !<%= cookie = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "cookie"]) %>
-  RewriteRule /wp-login.php /wordpress-login-<%= tmpuri = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "wp-login"]) %>.php [R,L]
+  RewriteRule ^/wp-login.php /wordpress-login-<%= tmpuri = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "wp-login"]) %>.php [R,L]
   <Location /wordpress-login-<%= tmpuri %>.php>
     CookieTracking on
     CookieExpires 30
     CookieName <%= cookie %>
   </Location>
-  RewriteRule /wordpress-login-<%= tmpuri %>.php /wp-login.php [NE]
+  RewriteRule ^/wordpress-login-<%= tmpuri %>.php /wp-login.php [NE]
author	mh <mh@immerda.ch>	2014-04-29 15:13:02 +0200
committer	mh <mh@immerda.ch>	2014-04-29 15:13:02 +0200
commit	b407de3da9e9cf265bfb6b392f3a331eaaf0ef3b (patch)
tree	a9755f15f029d4ecaf2e50c19d9a8696786f5f05 /templates
parent	ccf10e2a2831141472d2c71ada7c29d8834bb072 (diff)