.

.htaccess

 RewriteEngine On
 RewriteBase /
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
-RewriteRule ^([^?]*) index.php/platyFrameworkRoute/$1 [L,QSA]
+RewriteRule ^wp-login.php$ - [F]
 
 # git 폴더 제외
 RewriteRule "^(.*/)?\.git/" - [F,L]
+RedirectMatch 404 /\.git
+
+# env 제외
+RedirectMatch 404 /\.env
 
 # .gitignore 파일 제외
 RewriteRule ".gitignore" - [F,L]
@@ -26,5 +27,45 @@ deny from 118.235.24.153
 deny from 118.235.24.212
 deny from 118.235.24.79
 deny from 118.235.24.157
+deny from 159.89.19.37
+deny from 13.208.244.15
+
+# 2022-04-23 DDOS
+deny from 176.36.237.79
+deny from 34.251.228.207
+deny from 20.213.139.242
+deny from 217.147.160.81
+deny from 159.69.27.122
+deny from 20.213.139.242
+deny from 195.200.251.15
+deny from 70.34.247.141
+deny from 139.59.159.233
+deny from 165.22.202.47
+deny from 159.69.27.122
+deny from 137.184.115.91
+deny from 109.251.144.10
+deny from 142.132.236.107
+deny from 70.34.247.141
+deny from 138.68.148.191
+deny from 217.147.160.81
 </Files>
 
+# 2022-04-23 DDOS - deny all ST requests
+# <IfModule mod_rewrite.c>
+# RewriteCond %{REQUEST_METHOD} ST
+# RewriteRule .* - [F,L]
+# </IfModule>
+
+# 2022-04-23 DDOS - deny all CONNECT requests
+<IfModule mod_rewrite.c>
+RewriteCond %{REQUEST_METHOD} CONNECT
+RewriteRule .* - [F,L]
+</IfModule>
+
+# server info
+RewriteCond %{REQUEST_URI} !=/server-info
+RewriteCond %{REQUEST_URI} !=/server-status
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
+RewriteRule ^([^?]*) index.php/platyFrameworkRoute/$1 [L,QSA]