Pastebin.com - Printed Paste ID: https://pastebin.com/

1. Filename: /home3/savvysle/public_html//wp-admin/.htaccess
2. File Size: 1,678 bytes
3. File last modified: Saturday 8th of October 2011 11:23:52 PM
4. # BULLETPROOF .46.4 WP-ADMIN SECURE .HTACCESS
5.  
6. # If you edit the line of code above you will see error messages on the BPS status page
7. # BPS is reading the version number in the htaccess file to validate checks
8. # If you would like to change what is displayed above you
9. # will need to edit the BPS functions.php file to match your changes
10. # For more info see the BPS Guide at AIT-pro.com
11.  
12. # FILTER REQUEST METHODS
13. RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
14. RewriteRule ^(.*)$ - [F,L]
15.  
16. # QUERY STRING EXPLOITS
17. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
18. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
19. RewriteCond %{QUERY_STRING} tag\= [NC,OR]
20. RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
21. RewriteCond %{QUERY_STRING} http\: [NC,OR]
22. RewriteCond %{QUERY_STRING} https\: [NC,OR]
23. RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
24. RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
25. RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
26. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
27. RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
28. RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
29. RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
30. RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
31. RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
32. RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
33. RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]
34. RewriteRule ^(.*)$ - [F,L]