Want more features on Pastebin? Sign Up, it's FREE!

htaccess file - before test

By: deryck on Jul 15th, 2012  |  syntax: None  |  size: 12.95 KB  |  views: 49  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1.  
  2. # BEGIN Better WP Security
  3. # Begin HackRepair.com Blacklist
  4. RewriteEngine on
  5. #Block comment spammers, bad bots and some proxies
  6. RewriteCond %{REMOTE_HOST} 12.226.240.248 [OR]
  7. RewriteCond %{REMOTE_HOST} 24.111.102.26 [OR]
  8. RewriteCond %{REMOTE_HOST} 24.117.121.113 [OR]
  9. RewriteCond %{REMOTE_HOST} 65.30.216.140 [OR]
  10. RewriteCond %{REMOTE_HOST} 67.87.64.23 [OR]
  11. RewriteCond %{REMOTE_HOST} 68.12.149.198 [OR]
  12. RewriteCond %{REMOTE_HOST} 69.139.167.203 [OR]
  13. RewriteCond %{REMOTE_HOST} 74.95.182.57 [OR]
  14. RewriteCond %{REMOTE_HOST} 91.121.3.29 [OR]
  15. RewriteCond %{REMOTE_HOST} 203.94.229.227 [OR]
  16. RewriteCond %{REMOTE_HOST} 208.96.122.142 [OR]
  17. RewriteCond %{REMOTE_HOST} 210.0.141.247 [OR]
  18. RewriteCond %{REMOTE_HOST} 210.197.97.67 [OR]
  19. RewriteCond %{REMOTE_HOST} 212.179.127.188 [OR]
  20. RewriteCond %{REMOTE_HOST} 216.246.60.183 [OR]
  21. RewriteCond %{REMOTE_HOST} 220.156.189.233 [OR]
  22. RewriteCond %{REMOTE_HOST} 222.36.12.42 [OR]
  23. # Abuse Agent Blocking
  24. RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
  25. RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR]
  26. RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR]
  27. RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR]
  28. RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
  29. RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
  30. RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR]
  31. RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR]
  32. RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
  33. RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR]
  34. RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
  35. RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
  36. RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR]
  37. RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
  38. RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
  39. RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
  40. RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
  41. RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
  42. RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
  43. RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
  44. RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
  45. RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
  46. RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
  47. RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
  48. RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
  49. RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
  50. RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
  51. RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR]
  52. RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR]
  53. RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
  54. RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR]
  55. RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
  56. RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR]
  57. RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR]
  58. RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR]
  59. RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR]
  60. RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
  61. RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
  62. RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
  63. RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
  64. RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
  65. RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR]
  66. RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR]
  67. RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR]
  68. RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
  69. RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
  70. RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
  71. RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
  72. RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
  73. RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
  74. RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
  75. RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
  76. RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
  77. RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]
  78. RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR]
  79. RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
  80. RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR]
  81. RewriteCond %{HTTP_USER_AGENT} MFC_Tear_Sample [NC,OR]
  82. RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR]
  83. RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR]
  84. RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
  85. RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
  86. RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR]
  87. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR]
  88. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR]
  89. RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR]
  90. RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
  91. RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
  92. RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
  93. RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
  94. RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
  95. RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
  96. RewriteCond %{HTTP_USER_AGENT} ^Nutch [NC,OR]
  97. RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
  98. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
  99. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
  100. RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
  101. RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR]
  102. RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
  103. RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
  104. RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR]
  105. RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR]
  106. RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
  107. RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR]
  108. RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR]
  109. RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
  110. RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
  111. RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
  112. RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR]
  113. RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR]
  114. RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR]
  115. RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR]
  116. RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
  117. RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
  118. RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR]
  119. RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR]
  120. RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
  121. RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
  122. RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
  123. RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
  124. RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
  125. RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR]
  126. RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR]
  127. RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR]
  128. RewriteCond %{HTTP_USER_AGENT} User-Agent [NC,OR]
  129. RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
  130. RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
  131. RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
  132. RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR]
  133. RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR]
  134. RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
  135. RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
  136. RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR]
  137. RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
  138. RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
  139. RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
  140. RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
  141. RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
  142. RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
  143. RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
  144. RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
  145. RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
  146. RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
  147. RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
  148. RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR]
  149. RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR]
  150. RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
  151. RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
  152. RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR]
  153. RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
  154. RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
  155. RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR]
  156. RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR]
  157. RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
  158. RewriteCond %{HTTP_USER_AGENT} ^Zeus\.*Webster [NC,OR]
  159. RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC]
  160. RewriteRule ^.* - [F,L]
  161. # Abuse bot blocking rule end
  162. order allow,deny
  163. allow from all
  164. # Start Custom Blocks
  165. # Bluecoat
  166. deny from 8.21.4.254
  167. deny from 65.46.48.192/30
  168. deny from 65.160.238.176/28
  169. deny from 85.92.222.0/24
  170. deny from 206.51.36.0/22
  171. deny from 216.52.23.0/24
  172. # cyveillance (already blocked 38.*)
  173. deny from 38.100.19.8/29
  174. deny from 38.100.21.0/24
  175. deny from 38.100.41.64/26
  176. deny from 38.105.71.0/25
  177. deny from 38.105.83.0/27
  178. deny from 38.112.21.140/30
  179. deny from 38.118.42.32/29
  180. deny from 65.213.208.128/27
  181. deny from 65.222.176.96/27
  182. deny from 65.222.185.72/29
  183. # Cyberpatrol
  184. deny from 38.103.17.160/27
  185. # Internet Identity - Anti-Phishing
  186. deny from 66.113.96.0/20
  187. deny from 70.35.113.192/27
  188. # Ironport
  189. deny from 204.15.80.0/22
  190. # Lightspeed Systems Security
  191. deny from 66.17.15.128/26
  192. deny from 69.84.207.32/27
  193. deny from 69.84.207.128/25
  194. # Layered Technologies
  195. deny from 72.36.128.0/17
  196. deny from 72.232.0.0/16
  197. deny from 72.233.0.0/17
  198. deny from 216.32.0.0/14
  199. # M86
  200. deny from 67.192.231.224/29
  201. deny from 208.90.236.0/22
  202. # McAfee-Secure-Computing
  203. deny from 69.48.241.64/26
  204. deny from 80.66.0.0/19
  205. deny from 192.55.214.0/24
  206. deny from 207.67.117.0/24
  207. # Phish-Inspector.com
  208. deny from 209.147.127.208/28
  209. # Prescient Software, Inc. Phishmongers
  210. deny from 198.186.190.0/23
  211. deny from 198.186.192.0/23
  212. deny from 198.186.194.0/24
  213. # PSI network
  214. deny from 38.0.0.0/8
  215. # urlfilterdb
  216. deny from 207.210.99.32/29
  217. # websense-in.car1.sandiego1.level3.net
  218. deny from 4.53.120.22
  219. # Websense
  220. deny from 66.194.6.0/24
  221. deny from 67.117.201.128/28
  222. deny from 69.67.32.0/20
  223. deny from 131.191.87.0/24
  224. deny from 204.15.64.0/21
  225. deny from 208.80.192.0/21
  226. deny from 212.62.26.64/27
  227. deny from 213.168.226.0/24
  228. deny from 213.168.241.0/30
  229. deny from 213.168.242.0/30
  230. deny from 213.236.150.16/28
  231. # Yandex
  232. deny from 77.88.0.0/18
  233. deny from 77.88.22.0/23
  234. deny from 77.88.24.0/21
  235. deny from 77.88.24.0/22
  236. deny from 77.88.28.0/22
  237. deny from 77.88.36.0/23
  238. deny from 77.88.42.0/23
  239. deny from 77.88.44.0/24
  240. deny from 77.88.50.0/23
  241. deny from 87.250.224.0/19
  242. deny from 87.250.230.0/23
  243. deny from 87.250.252.0/22
  244. deny from 93.158.128.0/18
  245. deny from 93.158.137.0/24
  246. deny from 93.158.144.0/21
  247. deny from 93.158.144.0/23
  248. deny from 93.158.146.0/23
  249. deny from 93.158.148.0/22
  250. deny from 95.108.128.0/17
  251. deny from 95.108.128.0/24
  252. deny from 95.108.152.0/22
  253. deny from 95.108.216.0/23
  254. deny from 95.108.240.0/21
  255. deny from 95.108.248.0/23
  256. deny from 178.154.128.0/17
  257. deny from 178.154.160.0/22
  258. deny from 178.154.164.0/23
  259. deny from 199.36.240.0/22
  260. deny from 213.180.192.0/19
  261. deny from 213.180.204.0/24
  262. deny from 213.180.206.0/23
  263. deny from 213.180.209.0/24
  264. deny from 213.180.218.0/23
  265. deny from 213.180.220.0/23
  266. # End HackRepair.com Blacklist
  267.  
  268. Order allow,deny
  269. Allow from all
  270. Deny from 66.197.252.103
  271. Deny from 66.240.155.113
  272. Deny from 69.58.178.56
  273. Deny from 74.200.72.218
  274. Deny from 118.139.162.33
  275. Deny from 122.155.1.45
  276. Deny from 188.40.102.147
  277. Deny from 195.190.13.26
  278. Deny from 208.87.242.44
  279. Deny from 216.97.227.60
  280. Deny from 200.98.174.82
  281. Deny from 220.225.146.35
  282. Deny from 222.161.137.80
  283. Deny from 72.167.191.0/24
  284.  
  285. <files .htaccess>
  286. Order allow,deny
  287. Deny from all
  288. </files>
  289.  
  290. <files readme.html>
  291. Order allow,deny
  292. Deny from all
  293. </files>
  294.  
  295. <files readme.txt>
  296. Order allow,deny
  297. Deny from all
  298. </files>
  299.  
  300. <files install.php>
  301. Order allow,deny
  302. Deny from all
  303. </files>
  304.  
  305. <files wp-config.php>
  306. Order allow,deny
  307. Deny from all
  308. </files>
  309.  
  310. <IfModule mod_rewrite.c>
  311. RewriteEngine On
  312.  
  313. RewriteRule ^wp-admin/includes/ - [F,L]
  314. RewriteRule !^wp-includes/ - [S=3]
  315. RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
  316. RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
  317. RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
  318. RewriteRule ^wp-includes/theme-compat/ - [F,L]
  319.  
  320. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
  321. RewriteRule ^(.*)$ - [F,L]
  322.  
  323. RewriteCond %{REQUEST_METHOD} POST
  324. RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
  325. RewriteCond %{HTTP_REFERER} !^(.*)com.au.* [OR]
  326. RewriteCond %{HTTP_USER_AGENT} ^$
  327. RewriteRule ^(.*)$ - [F,L]
  328.  
  329. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
  330. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
  331. RewriteCond %{QUERY_STRING} tag\= [NC,OR]
  332. RewriteCond %{QUERY_STRING} ftp\:  [NC,OR]
  333. RewriteCond %{QUERY_STRING} http\:  [NC,OR]
  334. RewriteCond %{QUERY_STRING} https\:  [NC,OR]
  335. RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
  336. RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
  337. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
  338. RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
  339. RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
  340. RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
  341. RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
  342. RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
  343. RewriteCond %{QUERY_STRING} ^.*(request|select|concat|insert|union|declare).* [NC]
  344. RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
  345. RewriteRule ^(.*)$ - [F,L]
  346.  
  347. </IfModule>
  348.  
  349. # END Better WP Security
clone this paste RAW Paste Data