# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .*/wp-login\.php.*
RewriteCond %{HTTP_REFERER} !.*philipniewold\.nl.*
RewriteRule (.*) http://login-denied-by-custom-htaccess-no-valid-referer/$1 [R=301,L]
</IfModule>

# END WordPress


php_value upload_max_filesize 4M
php_value post_max_size 4M
php_value max_execution_time 300
php_value max_input_time 300



# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>
<Files wp-login.php>
#order deny,allow
#deny from all
</Files>