Have you been recently seeing these URLs in error.log
[error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
The F flag sends a 403 Forbidden response when the rule matches:
RewriteRule /w00tw00t\.at\.ISC\.SANS\.DFind – [F]
Add this just after RewriteBase /.
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule /w00tw00t\.at\.ISC\.SANS\.DFind – [F]
RewriteRule ^index\.php$ – [L]RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.php /index.php [L,R=404]RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]# END WordPress
BTW the [error] client sent HTTP/1.1 request without hostname errors suggest that apache is replying with a 400 Bad request status and these requests don’t even hit wordpress.