# Block out any script trying to set a mosConfig value through the URL

1. # Block out any script trying to set a mosConfig value through the URL
2. RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
3.  
4. # Block out any script trying to base64_encode crap to send via URL
5. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
6. #Bypass: $a='base6'.'4_encode'; echo $$a(1234);
7.  
8. # Block out any script that includes a <script> tag in URL
9. RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
10. #Bypass: <img src=. onerror=alert(1)>
11.  
12. # Block out any script trying to set a PHP GLOBALS variable via URL
13. RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
14. #Bypass: $GLOBALS=((3))
15.  
16. # Block out any script trying to modify a _REQUEST variable via URL
17. RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
18. #Bypass: $_REQUEST =2