GregoryRasputin

Site Security

Jun 10th, 2017
  1. # Don't list directory contents
  2. IndexIgnore *
  3.  
  4. # Disable script execution
  5. AddHandler cgi-script .php .php2 .php3 .php4 .php5 .php6 .php7 .php8 .pl .py .js .jsp .asp .htm .html .shtml .sh .cgi
  6. Options -ExecCGI -Indexes
  7.  
  8. # Secure php.ini and .htaccess
  9. RewriteRule ^(php\\.ini|\\.htaccess) - [NC,F]
  10.  
  11. # Block shell uploaders, htshells, and other baddies
  12. RewriteCond %{REQUEST_URI} ((php|my|bypass)?shell|remview.*|phpremoteview.*|sshphp.*|pcom|nstview.*|c99|c100|r57|webadmin.*|phpget.*|phpwriter.*|fileditor.*|locus7.*|storm7.*)\\.(p?s?x?htm?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]
  13. RewriteCond %{REQUEST_URI} (\\.exe|\\.php\\?act=|\\.tar|_vti|afilter=|algeria\\.php|chbd|chmod|cmd|command|db_query|download_file|echo|edit_file|eval|evil_root|exploit|find_text|fopen|fsbuff|fwrite|friends_links\\.|ftp|gofile|grab|grep|htshell|\\ -dump|logname|lynx|mail_file|md5|mkdir|mkfile|mkmode|MSOffice|muieblackcat|mysql|owssvr\\.dll|passthru|popen|proc_open|processes|pwd|rmdir|root|safe0ver|search_text|selfremove|setup\\.php|shell|ShellAdresi\\.TXT|spicon|sql|ssh|system|telnet|trojan|typo3|uname|unzip|w00tw00t|whoami|xampp) [NC,OR]
  14. RewriteCond %{QUERY_STRING} (\\.exe|\\.tar|act=|afilter=|alter|benchmark|chbd|chmod|cmd|command|cast|char|concat|convert|create|db_query|declare|delete|download_file|drop|edit_file|encode|environ|eval|exec|exploit|find_text|fsbuff|ftp|friends_links\\.|globals|gofile|grab|insert|localhost|logname|loopback|mail_file|md5|meta|mkdir|mkfile|mkmode|mosconfig|muieblackcat|mysql|order|passthru|popen|proc_open|processes|pwd|request|rmdir|root|scanner|script|search_text|select|selfremove|set|shell|sql|sp_executesql|spicon|ssh|system|telnet|trojan|truncate|uname|union|unzip|whoami) [NC]
  15. RewriteRule .* - [F]
  16.  
  17. # Disable hotlinking of images
  18. RewriteCond %{HTTP_REFERER} !^$
  19. RewriteCond %{REQUEST_FILENAME} -f
  20. RewriteCond %{REQUEST_FILENAME} \\.(jpe?g?)$ [NC]
  21. RewriteCond %{HTTP_REFERER} !^https?://([^.]+\\.)?schw\\. [NC]
  22. RewriteRule \\.(jpe?g?)$ - [NC,F]
  23.  
  24. # Only the following file extensions are allowed
  25. Order Allow,Deny
  26. Deny from all
  27. <FilesMatch "\\.([Jj][Pp][Ee]?[Gg]?)$">
  28. Allow from all
  29. </FilesMatch>
  30.  
  31. # Block double extensions from being uploaded or accessed, including htshells
  32. <FilesMatch ".*\\.([^.]+)\\.([^.]+)$">
  33. Order Deny,Allow
  34. Deny from all
  35. </FilesMatch>
  36.  
  37. # Only allow GET and POST HTTP methods
  38. <LimitExcept GET POST>
  39. Deny from all
  40. </LimitExcept>
  41.  
  42. Source
  43. https://www.sitepoint.com/community/t/securing-image-upload-directory-via-htaccess/44659/2
  44. https://tomolivercv.wordpress.com/2011/07/24/protect-your-uploads-folder-with-htaccess/
  45. https://perishablepress.com/stupid-htaccess-tricks/