# BEGIN iThemes Security - Do not modify or remove this line
# iThemes Security Config Details: 2
	# Ban Hosts - Security > Settings > Banned Users
	SetEnvIF REMOTE_ADDR "^104\.200\.151\.114$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^104\.200\.151\.114$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^104\.200\.151\.114$" DenyAccess

	SetEnvIF REMOTE_ADDR "^167\.71\.217\.95$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^167\.71\.217\.95$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^167\.71\.217\.95$" DenyAccess

	SetEnvIF REMOTE_ADDR "^102\.129\.153\.226$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^102\.129\.153\.226$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^102\.129\.153\.226$" DenyAccess

	SetEnvIF REMOTE_ADDR "^104\.200\.151\.167$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^104\.200\.151\.167$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^104\.200\.151\.167$" DenyAccess

	SetEnvIF REMOTE_ADDR "^45\.140\.17\.38$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^45\.140\.17\.38$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^45\.140\.17\.38$" DenyAccess

	SetEnvIF REMOTE_ADDR "^103\.171\.180\.165$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^103\.171\.180\.165$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^103\.171\.180\.165$" DenyAccess

	SetEnvIF REMOTE_ADDR "^44\.211\.11\.110$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^44\.211\.11\.110$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^44\.211\.11\.110$" DenyAccess

	SetEnvIF REMOTE_ADDR "^89\.64\.55\.29$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^89\.64\.55\.29$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^89\.64\.55\.29$" DenyAccess

	SetEnvIF REMOTE_ADDR "^185\.122\.204\.23$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^185\.122\.204\.23$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^185\.122\.204\.23$" DenyAccess

	SetEnvIF REMOTE_ADDR "^20\.14\.134\.181$" DenyAccess
	SetEnvIF X-FORWARDED-FOR "^20\.14\.134\.181$" DenyAccess
	SetEnvIF X-CLUSTER-CLIENT-IP "^20\.14\.134\.181$" DenyAccess

	<IfModule mod_authz_core.c>
		<RequireAll>
			Require all granted
			Require not env DenyAccess
			Require not ip 104.200.151.114
			Require not ip 167.71.217.95
			Require not ip 102.129.153.226
			Require not ip 104.200.151.167
			Require not ip 45.140.17.38
			Require not ip 103.171.180.165
			Require not ip 44.211.11.110
			Require not ip 89.64.55.29
			Require not ip 185.122.204.23
			Require not ip 20.14.134.181
		</RequireAll>
	</IfModule>
	<IfModule !mod_authz_core.c>
		Order allow,deny
		Allow from all
		Deny from env=DenyAccess
		Deny from 104.200.151.114
		Deny from 167.71.217.95
		Deny from 102.129.153.226
		Deny from 104.200.151.167
		Deny from 45.140.17.38
		Deny from 103.171.180.165
		Deny from 44.211.11.110
		Deny from 89.64.55.29
		Deny from 185.122.204.23
		Deny from 20.14.134.181
	</IfModule>

	# Protect System Files - Security > Settings > System Tweaks > System Files
	<files .htaccess>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files readme.html>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files readme.txt>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>
	<files wp-config.php>
		<IfModule mod_authz_core.c>
			Require all denied
		</IfModule>
		<IfModule !mod_authz_core.c>
			Order allow,deny
			Deny from all
		</IfModule>
	</files>

	# Disable Directory Browsing - Security > Settings > System Tweaks > Directory Browsing
	Options -Indexes

	<IfModule mod_rewrite.c>
		RewriteEngine On

		# Protect System Files - Security > Settings > System Tweaks > System Files
		RewriteRule ^wp-admin/install\.php$ - [F]
		RewriteRule ^wp-admin/includes/ - [F]
		RewriteRule !^wp-includes/ - [S=3]
		RewriteRule ^wp-includes/[^/]+\.php$ - [F]
		RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
		RewriteRule ^wp-includes/theme-compat/ - [F]
		RewriteCond %{REQUEST_FILENAME} -f
		RewriteRule (^|.*/)\.(git|svn)/.* - [F]

		# Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads
		RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]

		# Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins
		RewriteRule ^wp\-content/plugins/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]

		# Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes
		RewriteRule ^wp\-content/themes/.*\.(?:php[1-7]?|pht|phtml?|phps)\.?$ - [NC,F]
	</IfModule>
# END iThemes Security - Do not modify or remove this line

# BEGIN WpFastestCache
# Modified Time: 18-03-23 9:56:41
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} =on
RewriteCond %{HTTP_HOST} ^www.vesselspa.com
# Start WPFC Exclude
# End WPFC Exclude
# Start_WPFC_Exclude_Admin_Cookie
RewriteCond %{HTTP:Cookie} !wordpress_logged_in_[^\=]+\=kolomedia
# End_WPFC_Exclude_Admin_Cookie
RewriteCond %{HTTP_HOST} ^www.vesselspa.com
RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WP_FASTEST_CACHE_CSS_VALIDATOR|Twitterbot|LinkedInBot|WhatsApp|Mediatoolkitbot)
RewriteCond %{HTTP_USER_AGENT} !(WP\sFastest\sCache\sPreload(\siPhone\sMobile)?\s*Bot)
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{REQUEST_URI} !(\/){2}$
RewriteCond %{REQUEST_URI} \/$
RewriteCond %{QUERY_STRING} !.+
RewriteCond %{HTTP:Cookie} !wordpress_logged_in
RewriteCond %{HTTP:Cookie} !comment_author_
RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil
RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*\bCrMo\b|CriOS|Android.*Chrome\/[.0-9]*\s(Mobile)?|\bDolfin\b|Opera.*Mini|Opera.*Mobi|Android.*Opera|Mobile.*OPR\/[0-9.]+|Coast\/[0-9.]+|Skyfire|Mobile\sSafari\/[.0-9]*\sEdge|IEMobile|MSIEMobile|fennec|firefox.*maemo|(Mobile|Tablet).*Firefox|Firefox.*Mobile|FxiOS|bolt|teashark|Blazer|Version.*Mobile.*Safari|Safari.*Mobile|MobileSafari|Tizen|UC.*Browser|UCWEB|baiduboxapp|baidubrowser|DiigoBrowser|Puffin|\bMercury\b|Obigo|NF-Browser|NokiaBrowser|OviBrowser|OneBrowser|TwonkyBeamBrowser|SEMC.*Browser|FlyFlow|Minimo|NetFront|Novarra-Vision|MQQBrowser|MicroMessenger|Android.*PaleMoon|Mobile.*PaleMoon|Android|blackberry|\bBB10\b|rim\stablet\sos|PalmOS|avantgo|blazer|elaine|hiptop|palm|plucker|xiino|Symbian|SymbOS|Series60|Series40|SYB-[0-9]+|\bS60\b|Windows\sCE.*(PPC|Smartphone|Mobile|[0-9]{3}x[0-9]{3})|Window\sMobile|Windows\sPhone\s[0-9.]+|WCE;|Windows\sPhone\s10.0|Windows\sPhone\s8.1|Windows\sPhone\s8.0|Windows\sPhone\sOS|XBLWP7|ZuneWP7|Windows\sNT\s6\.[23]\;\sARM\;|\biPhone.*Mobile|\biPod|\biPad|Apple-iPhone7C2|MeeGo|Maemo|J2ME\/|\bMIDP\b|\bCLDC\b|webOS|hpwOS|\bBada\b|BREW.*$ [NC]
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/%{HTTP_HOST}/all/$1/index.html -f [or]
RewriteCond /home/vesselspa/public_html/wp-content/cache/%{HTTP_HOST}/all/$1/index.html -f
RewriteRule ^(.*) "/wp-content/cache/%{HTTP_HOST}/all/$1/index.html" [L]
</IfModule>
<FilesMatch "index\.(html|htm)$">
AddDefaultCharset UTF-8
<ifModule mod_headers.c>
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT"
</ifModule>
</FilesMatch>
# END WpFastestCache
# BEGIN GzipWpFastestCache
<IfModule mod_deflate.c>
AddType x-font/woff .woff
AddType x-font/ttf .ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE x-font/ttf
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf
</IfModule>
# END GzipWpFastestCache
# BEGIN LBCWpFastestCache
<FilesMatch "\.(webm|ogg|mp4|ico|pdf|flv|avif|jpg|jpeg|png|gif|webp|js|css|swf|x-html|css|xml|js|woff|woff2|otf|ttf|svg|eot)(\.gz)?$">
<IfModule mod_expires.c>
AddType application/font-woff2 .woff2
AddType application/x-font-opentype .otf
ExpiresActive On
ExpiresDefault A0
ExpiresByType video/webm A10368000
ExpiresByType video/ogg A10368000
ExpiresByType video/mp4 A10368000
ExpiresByType image/avif A10368000
ExpiresByType image/webp A10368000
ExpiresByType image/gif A10368000
ExpiresByType image/png A10368000
ExpiresByType image/jpg A10368000
ExpiresByType image/jpeg A10368000
ExpiresByType image/ico A10368000
ExpiresByType image/svg+xml A10368000
ExpiresByType text/css A10368000
ExpiresByType text/javascript A10368000
ExpiresByType application/javascript A10368000
ExpiresByType application/x-javascript A10368000
ExpiresByType application/font-woff2 A10368000
ExpiresByType application/x-font-opentype A10368000
ExpiresByType application/x-font-truetype A10368000
</IfModule>
<IfModule mod_headers.c>
Header set Expires "max-age=A10368000, public"
Header unset ETag
Header set Connection keep-alive
FileETag None
</IfModule>
</FilesMatch>
# END LBCWpFastestCache

# BEGIN WordPress
# Direktive (vrstice) med "BEGIN WordPress" in "END WordPress" so dinamično
# ustvarjene, in bi se smele spreminjati zgolj preko WordPressovih filtrov.
# Vse spremembe direktiv med tema označevalnikoma bodo prepisane.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “alt-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-alt-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
