How to Block WordPress Security Scanners

An automated system that checks a WordPress site for security flaws, malware, and other dangers is known as a WordPress security scanner. As one of the most widely used CMS on the web, WordPress is unfortunately a common target for cybercriminals. As a result, protecting a WordPress website is essential.

To Prevent Unintentional scans by Hackers add the followings to the end of your .htaccess file ( only if you are using Apache Web Server )

<IfModule mod_rewrite.c>
RewriteCond %{HTTP_REFERER} whatcms\. [NC]
RewriteCond %{HTTP_REFERER} wpthemedetector\. [NC]
RewriteCond %{HTTP_REFERER} wpdetector\. [NC]
RewriteCond %{HTTP_REFERER} wappalyzer\. [NC]
RewriteCond %{HTTP_REFERER} builtwith\. [NC]
RewriteCond %{HTTP_REFERER} wpscan\. [NC]
RewriteCond %{HTTP_REFERER} wpsec\. [NC]
RewriteCond %{HTTP_REFERER} isitwp\. [NC]
RewriteCond %{HTTP_USER_AGENT} whatcms [NC]
RewriteRule .* – [F,L]
</IfModule>

This rejects the scanner connection to your site.

(Score: 23) - 4.9/5
4.9/5
Share This Article