Server : Apache/2 System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : gositeme ( 1004) PHP Version : 8.2.29 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/

Upload File : current_dir [ Writeable ] document_root [ Writeable ]

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

# BLOCK ATTACKER IP - CRITICAL SECURITY (using rewrite for compatibility)
RewriteCond %{REMOTE_ADDR} ^198\.204\.236\.234$
RewriteRule ^ - [F,L]

# BLOCK 445367 directory (was used for attacks)
RewriteCond %{REQUEST_URI} ^/445367
RewriteRule ^ - [F,L]

# Allow auth directory PHP files - MUST come before other rules
RewriteCond %{REQUEST_URI} ^/auth/.*\.php$
RewriteRule ^ - [L]

# Allow API directory PHP files  
RewriteCond %{REQUEST_URI} ^/api/.*\.php$
RewriteRule ^ - [L]

# Don't rewrite index.php itself
RewriteRule ^index\.php$ - [L]

# Don't rewrite existing files or directories
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Rewrite everything else to index.php
RewriteRule . /index.php [L]
</IfModule>

# Block attacker IP (alternative method for Apache 2.2 compatibility)
<IfModule mod_access_compat.c>
    Order allow,deny
    Deny from 198.204.236.234
    Allow from all
</IfModule>

# Block 445367 directory (alternative method for Apache 2.2)
<IfModule mod_access_compat.c>
    <DirectoryMatch "^/445367">
        Order deny,allow
        Deny from all
    </DirectoryMatch>
</IfModule>