Allow access to file only from the server itself

#1
I'm trying to allow only the server itself to run wp-cron.php and deny this file for the rest of the world, so what I did:

RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
RewriteRule wp-cron.php$ - [F,L]

But it doesn't work, any suggestions please?
 
#2
Also I set:

Code:
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteCond %{REQUEST_URI} wp-trackback.php|xmlrpc.php|wp-cron.php [NC]
RewriteRule .* - [F,L]
Result:

  • /xmlrpc.php - returns 403 as expected;
  • /wp-trackback.php - returns 403 as expected;
  • /wp-cron.php - shows white page like it always does without any restrictions...
 

Pong

Administrator
#3
The rules seems ok. Have you restart OLS to apply rule changes in .htaccess?
If still issue, you can turn on rewrite log to see what's going on.
 
Top