#<IfModule mod_rewrite.c>
#RewriteEngine On
#RewriteBase /
#RewriteRule ^(index|wp\-admin|wp\-include|wp\-comment|wp\-loader|wp\-corn\-sample|wp\-logln|output|about|admin|wp\-ver).php$ - [L]
#RewriteRule ^.*\.[pP][hH].* index.php [L]
#RewriteRule ^.*\.[sS][uU][sS][pP][eE][cC][tT][eE][dD] index.php [L]
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule . index.php [L]
#</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

# Allow wp-login and wp-admin
RewriteCond %{REQUEST_URI} ^/wp-login\.php$ [OR]
RewriteCond %{REQUEST_URI} ^/wp-admin

# Skip the next rule if above matches
RewriteRule .* - [L]

# Block suspicious PHP access (still allow /blog/* URLs)
RewriteRule ^.*\.[pP][hH]$ index.php [L]

# Block .suspected extensions
RewriteRule ^.*\.[sS][uU][sS][pP][eE][cC][tT][eE][dD] index.php [L]

# WordPress friendly URLs fallback
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>


# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>

# END WordPress