.htaccess

1. # 5G BLACKLIST/FIREWALL
2. # @ http://perishablepress.com/5g-blacklist/
3.  
4. # 5G:[QUERY STRINGS]
5. <ifModule mod_rewrite.c>
6. RewriteEngine On
7. RewriteBase /
8. RewriteCond %{QUERY_STRING} (environ|localhost|mosconfig|scanner) [NC,OR]
9. RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR]
10. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
11. RewriteCond %{QUERY_STRING} echo.*kae [NC,OR]
12. RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
13. RewriteCond %{QUERY_STRING} \=\\%27$ [NC,OR]
14. RewriteCond %{QUERY_STRING} \=\\\'$ [NC,OR]
15. RewriteCond %{QUERY_STRING} \.\./ [NC,OR]
16. RewriteCond %{QUERY_STRING} \? [NC,OR]
17. RewriteCond %{QUERY_STRING} \: [NC]
18. RewriteRule .* - [F]
19. </ifModule>
20.  
21. # 5G:[USER AGENTS]
22. <ifModule mod_setenvif.c>
23. SetEnvIfNoCase User-Agent ^$ keep_out
24. SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot) keep_out
25. SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
26. SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid) keep_out
27. SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|turnit) keep_out
28. SetEnvIfNoCase User-Agent (zmeu|nutch|vikspider|binlar|sucker) keep_out
29. <limit GET POST PUT>
30. Order Allow,Deny
31. Allow from all
32. Deny from env=keep_out
33. </limit>
34. </ifModule>
35.  
36. # 5G:[REQUEST STRINGS]
37. <ifModule mod_alias.c>
38. RedirectMatch 403 (https?|ftp|php)\://
39. RedirectMatch 403 /(cgi|https?|ima|ucp)/
40. RedirectMatch 403 /(Permanent|Better)$
41. RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
42. RedirectMatch 403 (\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
43. RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
44. RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
45. RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
46. RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
47. RedirectMatch 403 \.well\-known/host\-meta
48. RedirectMatch 403 /function\.array\-rand
49. RedirectMatch 403 \)\;\$\(this\)\.html\(
50. RedirectMatch 403 proc/self/environ
51. RedirectMatch 403 msnbot\.htm\)\.\_
52. RedirectMatch 403 /ref\.outcontrol
53. RedirectMatch 403 com\_cropimage
54. RedirectMatch 403 indonesia\.htm
55. RedirectMatch 403 \{\$itemURL\}
56. RedirectMatch 403 function\(\)
57. RedirectMatch 403 labels\.rdf
58. RedirectMatch 403 /playing.php
59. RedirectMatch 403 muieblackcat
60. </ifModule>
61.  
62. # 5G:[BAD IPS]
63. <limit GET POST PUT>
64. Order Allow,Deny
65. Allow from all
66. # uncomment/edit/repeat next line to block IPs
67. # Deny from 123.456.789
68. </limit>
69.  
70. # disable the server signature
71. ServerSignature Off
72.  
73. # limit file uploads to 10mb
74. LimitRequestBody 10240000
75.  
76.  
77.  
78. #php_value max_execution_time 800
79. #php_value max_input_time 800
80. #php_value memory_limit 512M
81.  
82. #php_value upload_max_filesize 30M
83. #php_value post_max_size 30M
84.  
85. Header unset ETag
86. FileETag None
87.  
88. # php compression – use with caution
89. <ifmodule mod_php4.c>
90. php_value zlib.output_compression 16386
91. </ifmodule>
92.  
93. <ifModule mod_gzip.c>
94. mod_gzip_on Yes
95. mod_gzip_dechunk Yes
96. mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
97. mod_gzip_item_include handler ^cgi-script$
98. mod_gzip_item_include mime ^text/.*
99. mod_gzip_item_include mime ^application/x-javascript.*
100. mod_gzip_item_exclude mime ^image/.*
101. mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
102. </ifModule>
103.  
104. <ifModule mod_expires.c>
105. ExpiresActive On
106. ExpiresDefault "access plus 1 seconds"
107. ExpiresByType text/html "access plus 1 seconds"
108. ExpiresByType image/gif "access plus 2592000 seconds"
109. ExpiresByType image/jpeg "access plus 2592000 seconds"
110. ExpiresByType image/png "access plus 2592000 seconds"
111. ExpiresByType text/css "access plus 604800 seconds"
112. ExpiresByType text/javascript "access plus 216000 seconds"
113. ExpiresByType application/x-javascript "access plus 216000 seconds"
114. </ifModule>
115.  
116. <ifModule mod_headers.c>
117. <filesMatch "\\.(ico|pdf|flv|jpg|jpeg|png|gif|swf)$">
118. Header set Cache-Control "max-age=2592000, public"
119. </filesMatch>
120. <filesMatch "\\.(css)$">
121. Header set Cache-Control "max-age=604800, public"
122. </filesMatch>
123. <filesMatch "\\.(js)$">
124. Header set Cache-Control "max-age=216000, private"
125. </filesMatch>
126. <filesMatch "\\.(xml|txt)$">
127. Header set Cache-Control "max-age=216000, public, must-revalidate"
128. </filesMatch>
129. <filesMatch "\\.(html|htm|php)$">
130. Header set Cache-Control "max-age=1, private, must-revalidate"
131. </filesMatch>
132. </ifModule>
133.  
134. <ifModule mod_headers.c>
135. Header unset ETag
136. </ifModule>
137. FileETag None
138.  
139. <Files wp-config.php>
140. order allow,deny
141. deny from all
142. </Files>
143.  
144. <files .htaccess="">
145. order allow,deny
146. deny from all
147. </files>
148.  
149. <Files ~ "^.ht">
150. Order allow,deny
151. Deny from all
152. Satisfy All
153. </Files>
154.  
155. #custom error docs
156. ErrorDocument 404 /404.shtml
157. ErrorDocument 403 /403.shtml
158. ErrorDocument 500 /500.shtml
159.  
160. # BEGIN WordPress
161.  
162. RewriteEngine On
163. RewriteBase /
164. RewriteRule ^index\.php$ - [L]
165.  
166. # uploaded files
167. RewriteRule ^files/(.+) wp-includes/ms-files.php?file=$1 [L]
168. RewriteRule ^(.*/)?sitemap.xml wp-content/sitemap.php [L]
169.  
170. RewriteCond %{REQUEST_FILENAME} -f [OR]
171. RewriteCond %{REQUEST_FILENAME} -d
172. RewriteRule ^ - [L]
173. RewriteRule . index.php [L]
174.  
175. RewriteEngine On
176. RewriteCond %{REQUEST_METHOD} POST
177. RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
178. RewriteCond %{HTTP_REFERER} !.*bloglines.co.za* [OR]
179. RewriteCond %{HTTP_USER_AGENT} ^$
180. RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
181.  
182. # END WordPress