API tools faq
paste
Advertisement
scriptz-team

[SERVER] Secured .htaccess file

scriptz-team
Apr 26th, 2012
135
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.81 KB | None | 0 0
raw download clone embed print report
  1. # _____ _____ _ _____ _____ _____ _____ _____ _____
  2. # ___| | __ |_| _ |_ _|___ ___|_ _| __| _ | |
  3. #|_ -| --| -| | __| | | |- _|___| | | | __| | | | |
  4. #|___|_____|__|__|_|__| |_| |___| |_| |_____|__|__|_|_|_|
  5. #|s C R i P T z - T E A M . i N F O|----------------------------
  6. #
  7. #[SERVER] Secured .htaccess file
  8.  
  9. <ifModule mod_rewrite.c>
  10. RewriteEngine On
  11. RewriteBase /
  12. RewriteCond %{QUERY_STRING} (environ|localhost|mosconfig|scanner) [NC,OR]
  13. RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR]
  14. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
  15. RewriteCond %{QUERY_STRING} echo.*kae [NC,OR]
  16. RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
  17. RewriteCond %{QUERY_STRING} \=\\%27$ [NC,OR]
  18. RewriteCond %{QUERY_STRING} \=\\\'$ [NC,OR]
  19. RewriteCond %{QUERY_STRING} \.\./ [NC,OR]
  20. RewriteCond %{QUERY_STRING} \? [NC,OR]
  21. RewriteCond %{QUERY_STRING} \: [NC,OR]
  22. RewriteCond %{QUERY_STRING} \[ [NC,OR]
  23. RewriteCond %{QUERY_STRING} \] [NC]
  24. RewriteRule .* - [F]
  25. </ifModule>
  26.  
  27. # [USER AGENTS]
  28. <ifModule mod_setenvif.c>
  29. SetEnvIfNoCase User-Agent ^$ keep_out
  30. SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot) keep_out
  31. SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
  32. SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid) keep_out
  33. SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|turnit) keep_out
  34. SetEnvIfNoCase User-Agent (zmeu|nutch|vikspider|binlar|sucker) keep_out
  35. <limit GET POST PUT>
  36. Order Allow,Deny
  37. Allow from all
  38. Deny from env=keep_out
  39. </limit>
  40. </ifModule>
  41.  
  42. # [REQUEST STRINGS]
  43. <ifModule mod_alias.c>
  44. RedirectMatch 403 (https?|ftp|php)\://
  45. RedirectMatch 403 /(cgi|https?|ima|ucp)/
  46. RedirectMatch 403 /(Permanent|Better)$
  47. RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
  48. RedirectMatch 403 (\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
  49. RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
  50. RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
  51. RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
  52. RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
  53. RedirectMatch 403 \.well\-known/host\-meta
  54. RedirectMatch 403 /function\.array\-rand
  55. RedirectMatch 403 \)\;\$\(this\)\.html\(
  56. RedirectMatch 403 proc/self/environ
  57. RedirectMatch 403 msnbot\.htm\)\.\_
  58. RedirectMatch 403 /ref\.outcontrol
  59. RedirectMatch 403 com\_cropimage
  60. RedirectMatch 403 \{\$itemURL\}
  61. RedirectMatch 403 function\(\)
  62. RedirectMatch 403 labels\.rdf
  63. RedirectMatch 403 /playing.php
  64. RedirectMatch 403 muieblackcat
  65. RedirectMatch 403 .htaccess
  66. </ifModule>
  67.  
  68. # [BAD IPS]
  69. <limit GET POST PUT>
  70. Order Allow,Deny
  71. Allow from all
  72. # uncomment/edit/repeat next line to block IPs
  73. # Deny from xxx.yyy.zzz
  74. </limit>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!