# BEGIN All In One WP Security
#AIOWPS_PINGBACK_HTACCESS_RULES_START
<Files xmlrpc.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
#AIOWPS_PINGBACK_HTACCESS_RULES_END
# END All In One WP Security

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

SetEnvIf GEOIP_COUNTRY_CODE MY BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE PH BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE PA BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE HK BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE TW BlockCountry
Deny from env=BlockCountry

SetEnv REGISTER_GLOBALS 0
ServerSignature Off
Options All -Indexes

# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>

# protect readme.html
<files readme.html>
order allow,deny
deny from all
</files>
# protect .htaccess
<files .htaccess>
order allow,deny
deny from all
</files>