From b407de3da9e9cf265bfb6b392f3a331eaaf0ef3b Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Tue, 29 Apr 2014 15:13:02 +0200
Subject: ensure that this only works in the root directory

---
 templates/vhosts/php_wordpress/partial.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'templates')

diff --git a/templates/vhosts/php_wordpress/partial.erb b/templates/vhosts/php_wordpress/partial.erb
index 7b07f21..5e6ebd5 100644
--- a/templates/vhosts/php_wordpress/partial.erb
+++ b/templates/vhosts/php_wordpress/partial.erb
@@ -9,11 +9,11 @@
   # http://www.frameloss.org/2013/04/26/even-easier-brute-force-login-protection-for-wordpress/
   RewriteEngine On
   RewriteCond %{HTTP_COOKIE} !<%= cookie = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "cookie"]) %>
-  RewriteRule /wp-login.php /wordpress-login-<%= tmpuri = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "wp-login"]) %>.php [R,L]
+  RewriteRule ^/wp-login.php /wordpress-login-<%= tmpuri = scope.function_sha1([scope.function_fqdn_rand([9999999999999,@name]).to_s + "wp-login"]) %>.php [R,L]
   <Location /wordpress-login-<%= tmpuri %>.php>
     CookieTracking on
     CookieExpires 30
     CookieName <%= cookie %>
   </Location>
-  RewriteRule /wordpress-login-<%= tmpuri %>.php /wp-login.php [NE]
+  RewriteRule ^/wordpress-login-<%= tmpuri %>.php /wp-login.php [NE]
 
-- 
cgit v1.2.3