Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Jun 25th, 2012  |  syntax: None  |  size: 10.00 KB  |  views: 234  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. <Directory /var/www/>
  2. AddHandler fcgid-script .php
  3. FCGIWrapper /usr/lib/cgi-bin/php5 .php
  4. AddType image/x-icon .ico
  5. Options Indexes FollowSymLinks MultiViews +ExecCGI
  6. AllowOverride None
  7. Order allow,deny
  8. allow from all
  9.  AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript
  10.  BrowserMatch ^Mozilla/4 gzip-only-text/html
  11.  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  12.  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  13.  
  14. #   BULLETPROOF .47.1 >>>>>>> SECURE .HTACCESS      
  15. # BEGIN WordPress
  16. ServerSignature Off
  17. Options -Indexes
  18. DirectoryIndex index.php index.html /index.php
  19. ErrorDocument 404 /404.php
  20. RedirectMatch 403 /\..*$
  21. # 6G:[REQUEST STRINGS]
  22.  RedirectMatch 403 (?i)([a-zA-Z0-9]{50})
  23.  RedirectMatch 403 (?i)(https?|ftp|php)\:/
  24.  RedirectMatch 403 (?i)(\"|\.|\_|\&|\&amp)$
  25.  RedirectMatch 403 (?i)(\=\\\'|\=\\%27|/\\\'/?)\.
  26.  RedirectMatch 403 (?i)(\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.|\+\+\+|\||\\\"\\\")
  27.  RedirectMatch 403 (?i)/uploads/([0-9]+)/([0-9]+)/(cache|cached|wp-opt|wp-supercache)\.php
  28.  RedirectMatch 403 (?i)\.(asp|bash|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf|well)
  29.  RedirectMatch 403 (?i)/(^$|1|addlink|btn_hover|contact?|dkscsearch|dompdf|easyboard|ezooms|formvars|fotter|fpw|i|imagemanager|index1|install|iprober|legacy\-comments|join|js\-scraper|mapcms|mobiquo|phpinfo|phpspy|pingserver|playing|postgres|product|register|scraper|shell|signup|single\-default|t|sqlpatch|test|textboxes.css|thumb|timthumb|topper|tz|ucp_profile|visit|webring.docs|webshell|wp\-lenks|wp\-links|wp\-plugin|wp\-signup|wpcima|zboard|zzr)\.php
  30.  RedirectMatch 403 (?i)(\$\(this\)\.attr|\&pws\=0|\&t\=|\&title\=|\%7BshopURL\%7Dimages|\_vti\_|\(null\)|$itemURL|ask/data/ask|com\_crop|document\)\.ready\(fu|echo.*kae|eval\(|function.parse|function\(\)|gifamp|hilton.ch|index.php\&amp\;quot|jfbswww|monstermmorpg|msnbot\.htm|netdefender/hui|phpMyAdmin/config|proc/self|skin/zero_vote|/spaw2?|text/javascript|this.options)
  31. RewriteEngine On
  32. RewriteBase /
  33. RewriteRule ^wp-admin/includes/ - [F]
  34. RewriteRule !^wp-includes/ - [S=3]
  35. RewriteRule ^wp-includes/[^/]+\.php$ - [F]
  36. RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
  37. RewriteRule ^wp-includes/theme-compat/ - [F]
  38. RewriteRule ^index\.php$ - [L]
  39.  
  40. RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
  41. RewriteRule ^(.*)$ - [F]
  42.  
  43. # Login Plugins Password Reset And Redirect 1
  44. RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC]
  45. RewriteRule . - [S=4]
  46. # Login Plugins Password Reset And Redirect 2
  47. RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC]
  48. RewriteRule . - [S=3]
  49.  
  50. RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
  51. RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
  52. RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
  53. RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR]
  54. RewriteCond %{THE_REQUEST} \/\*\ HTTP/ [NC,OR]
  55. RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
  56. RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
  57. RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
  58. RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
  59. RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
  60. RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
  61. RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
  62. RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
  63. RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
  64. RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
  65. RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
  66. RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
  67. RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
  68. RewriteCond %{QUERY_STRING} http\: [NC,OR]
  69. RewriteCond %{QUERY_STRING} https\: [NC,OR]
  70. RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
  71. RewriteCond %{QUERY_STRING} ^(.)/self/(.)$ [NC,OR]
  72. RewriteCond %{QUERY_STRING} ^(.)cPath=http://(.)$ [NC,OR]
  73. RewriteCond %{QUERY_STRING} (\<|%3C).*(embed|iframe|object|script).*(\>|%3E) [NC,OR]
  74. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
  75. RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
  76. RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
  77. RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
  78. RewriteCond %{QUERY_STRING} ^.(\[|\]|\(|\)|<|>|%3c|%3e|%5b|%5d). [NC,OR]
  79. RewriteCond %{QUERY_STRING} ^.(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x5b|\x5d|\x7f). [NC,OR]
  80. RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
  81. RewriteCond %{QUERY_STRING} (\./|\../|\.../)+(motd|etc|bin) [NC,OR]
  82. RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
  83. RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
  84. RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
  85. RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
  86. RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
  87. RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
  88. RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
  89. RewriteRule ^(.*)$ - [F]
  90. RewriteCond %{REQUEST_FILENAME} !-f
  91. RewriteCond %{REQUEST_FILENAME} !-d
  92. RewriteRule . /index.php [L]
  93.  
  94. <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)">
  95. Order allow,deny
  96. Deny from all
  97. #Allow from 88.77.66.55
  98. </FilesMatch>
  99. # END WordPress
  100.  
  101. # 6G:[QUERY STRINGS]
  102.  RewriteCond %{REQUEST_URI} !^/$ [NC]
  103.  RewriteCond %{QUERY_STRING} (mod|path|tag)= [NC,OR]
  104.  RewriteCond %{QUERY_STRING} ([a-zA-Z0-9]{255}) [NC,OR]
  105.  RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
  106.  RewriteCond %{QUERY_STRING} (\?|\.\./|\.|\*|:|;|<|>|'|"|\)|\[|\]|=\\\'$|%0A|%0D|%22|%27|%3C|%3E|%00|%2e%2e) [NC,OR]
  107.  RewriteCond %{QUERY_STRING} (benchmark|boot.ini|cast|declare|drop|echo.*kae|environ|etc/passwd|execute|input_file|insert|md5|mosconfig|scanner|select|set|union|update) [NC]
  108.  RewriteCond %{HTTP_REFERER} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
  109.  RewriteCond %{HTTP_REFERER} ([a-zA-Z0-9]{32}) [NC]
  110.  RewriteRule .* - [F]
  111.  
  112. # 6G:[USER AGENTS]
  113.  #SetEnvIfNoCase User-Agent ^$ keep_out
  114.  SetEnvIfNoCase User-Agent (<|>|'|&lt;|%0A|%0D|%27|%3C|%3E|%00|href\s) keep_out
  115.  SetEnvIfNoCase User-Agent (archiver|binlar|casper|checkprivacy|clshttp|cmsworldmap|comodo|curl|diavol|dotbot|email|extract|feedfinder|flicky|grab|harvest|httrack|ia_archiver|jakarta|kmccrew|libwww|loader|miner|nikto|nutch|planetwork|purebot|pycurl|python|scan|skygrid|sucker|turnit|vikspider|wget|winhttp|youda|zmeu|zune) keep_out
  116.  <limit GET POST PUT>
  117.   Order Allow,Deny
  118.   Allow from all
  119.   Deny from env=keep_out
  120.  </limit>
  121.  
  122. # BEGIN W3TC Browser Cache
  123.         BrowserMatch ^Mozilla/4 gzip-only-text/html
  124.         BrowserMatch ^Mozilla/4\.0[678] no-gzip
  125.         BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  126.         BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
  127.         Header append Vary User-Agent env=!dont-vary
  128.         AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon
  129. <FilesMatch "\.(css|js|htc|CSS|JS|HTC)$">
  130.     FileETag None
  131. </FilesMatch>
  132. <FilesMatch "\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|SVG|SVGZ|TXT|XSD|XSL|XML)$">
  133.     FileETag None
  134. </FilesMatch>
  135. <FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|WAV|WMA|WRI|XLA|XLS|XLSX|XLT|XLW|ZIP)$">
  136.     FileETag None
  137. </FilesMatch>
  138. # END W3TC Browser Cache
  139. # BEGIN W3TC Page Cache core
  140.     RewriteEngine On
  141.     RewriteBase /
  142.     RewriteRule ^(.*\/)?w3tc_rewrite_test$ $1?w3tc_rewrite_test=1 [L]
  143.     RewriteCond %{HTTP:Accept-Encoding} gzip
  144.     RewriteRule .* - [E=W3TC_ENC:_gzip]
  145.     RewriteCond %{REQUEST_METHOD} !=POST
  146.     RewriteCond %{QUERY_STRING} =""
  147.     RewriteCond %{HTTP_HOST} =blindscribblings.com
  148.     RewriteCond %{REQUEST_URI} \/$ [OR]
  149.     RewriteCond %{REQUEST_URI} (sitemap(_index)?\.xml(\.gz)?|[a-z0-9_\-]+-sitemap([0-9]+)?\.xml(\.gz)?) [NC]
  150.     RewriteCond %{REQUEST_URI} !(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|\/feed\/|wp-.*\.php|index\.php) [NC,OR]
  151.     RewriteCond %{REQUEST_URI} (wp\-comments\-popup\.php|wp\-links\-opml\.php|wp\-locations\.php) [NC]
  152.     RewriteCond %{HTTP_COOKIE} !(comment_author|wp\-postpass|wordpress_\[a\-f0\-9\]\+|wordpress_logged_in) [NC]
  153.     RewriteCond %{HTTP_USER_AGENT} !(W3\ Total\ Cache/0\.9\.2\.4) [NC]
  154.     RewriteCond "%{DOCUMENT_ROOT}/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" -f
  155.     RewriteRule .* "/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" [L]
  156. # END W3TC Page Cache core
  157. ExpiresActive On
  158. ExpiresByType image/jpg "access 1 year"
  159. ExpiresByType image/jpeg "access 1 year"
  160. ExpiresByType image/gif "access 1 year"
  161. ExpiresByType image/png "access 1 year"
  162. ExpiresByType text/css "access 1 month"
  163. ExpiresByType application/pdf "access 1 month"
  164. ExpiresByType text/x-javascript "access 1 month"
  165. ExpiresByType application/x-shockwave-flash "access 1 month"
  166. ExpiresByType image/x-icon "access 1 year"
  167. ExpiresDefault "access 2 days"
  168. <FilesMatch ".(gif|jpg|jpeg|png|ico)$">
  169. Header set Cache-Control "max-age=2592000"
  170. </FilesMatch>
  171. </Directory>
  172.  
  173. ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
  174. <Directory "/usr/lib/cgi-bin">
  175. AllowOverride None
  176. Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
  177. AddHandler cgi-script .cgi
  178. Order allow,deny
  179. Allow from all