hackrepair

Standard Anti-bot and Anti-hacker .htaccess addition

Jun 9th, 2012
1,088
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Add a couple extra line breaks above this
  2. ############# Above below by Jim Walker, Hackrepair.com
  3. # For Bad Bot protection.
  4. Options -Indexes
  5. RewriteEngine on
  6. #Block comment spammers, bad bots and some proxies
  7. RewriteCond %{REMOTE_HOST} 12.226.240.248 [OR]
  8. RewriteCond %{REMOTE_HOST} 24.111.102.26 [OR]
  9. RewriteCond %{REMOTE_HOST} 24.117.121.113 [OR]
  10. RewriteCond %{REMOTE_HOST} 65.30.216.140 [OR]
  11. RewriteCond %{REMOTE_HOST} 67.87.64.23 [OR]
  12. RewriteCond %{REMOTE_HOST} 68.12.149.198 [OR]
  13. RewriteCond %{REMOTE_HOST} 69.139.167.203 [OR]
  14. RewriteCond %{REMOTE_HOST} 74.95.182.57 [OR]
  15. RewriteCond %{REMOTE_HOST} 91.121.3.29 [OR]
  16. RewriteCond %{REMOTE_HOST} 203.94.229.227 [OR]
  17. RewriteCond %{REMOTE_HOST} 208.96.122.142 [OR]
  18. RewriteCond %{REMOTE_HOST} 210.0.141.247 [OR]
  19. RewriteCond %{REMOTE_HOST} 210.197.97.67 [OR]
  20. RewriteCond %{REMOTE_HOST} 212.179.127.188 [OR]
  21. RewriteCond %{REMOTE_HOST} 216.246.60.183 [OR]
  22. RewriteCond %{REMOTE_HOST} 220.156.189.233 [OR]
  23. RewriteCond %{REMOTE_HOST} 222.36.12.42 [OR]
  24. # Abuse Agent Blocking
  25. RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
  26. RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR]
  27. RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR]
  28. RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR]
  29. RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
  30. RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
  31. RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR]
  32. RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR]
  33. RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
  34. RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR]
  35. RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
  36. RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
  37. RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR]
  38. RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
  39. RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
  40. RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
  41. RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
  42. RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
  43. RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
  44. RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
  45. RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
  46. RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
  47. RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
  48. RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
  49. RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
  50. RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
  51. RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
  52. RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR]
  53. RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR]
  54. RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
  55. RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR]
  56. RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
  57. RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR]
  58. RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR]
  59. RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR]
  60. RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR]
  61. RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
  62. RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
  63. RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
  64. RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
  65. RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
  66. RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR]
  67. RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR]
  68. RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR]
  69. RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
  70. RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
  71. RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
  72. RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
  73. RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
  74. RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
  75. RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
  76. RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
  77. RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
  78. RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]
  79. RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR]
  80. RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
  81. RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR]
  82. RewriteCond %{HTTP_USER_AGENT} MFC_Tear_Sample [NC,OR]
  83. RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR]
  84. RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR]
  85. RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
  86. RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
  87. RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR]
  88. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR]
  89. RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR]
  90. RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR]
  91. RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
  92. RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
  93. RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
  94. RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
  95. RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
  96. RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
  97. RewriteCond %{HTTP_USER_AGENT} ^Nutch [NC,OR]
  98. RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
  99. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
  100. RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
  101. RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
  102. RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR]
  103. RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
  104. RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
  105. RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR]
  106. RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR]
  107. RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
  108. RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR]
  109. RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR]
  110. RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
  111. RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
  112. RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
  113. RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR]
  114. RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR]
  115. RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR]
  116. RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR]
  117. RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
  118. RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
  119. RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR]
  120. RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR]
  121. RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
  122. RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
  123. RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
  124. RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
  125. RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
  126. RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR]
  127. RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR]
  128. RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR]
  129. RewriteCond %{HTTP_USER_AGENT} User-Agent [NC,OR]
  130. RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
  131. RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
  132. RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
  133. RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR]
  134. RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR]
  135. RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
  136. RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR]
  137. RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR]
  138. RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
  139. RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
  140. RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
  141. RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
  142. RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
  143. RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
  144. RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
  145. RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
  146. RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
  147. RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
  148. RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
  149. RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR]
  150. RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR]
  151. RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
  152. RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
  153. RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR]
  154. RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
  155. RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
  156. RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR]
  157. RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR]
  158. RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
  159. RewriteCond %{HTTP_USER_AGENT} ^Zeus\.*Webster [NC,OR]
  160. RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC]
  161. RewriteRule ^.* - [F,L]
  162. # Abuse bot blocking rule end
  163. order allow,deny
  164. allow from all
  165. # Start Custom Blocks
  166. # Bluecoat
  167. deny from 8.21.4.254
  168. deny from 65.46.48.192/30
  169. deny from 65.160.238.176/28
  170. deny from 85.92.222.0/24
  171. deny from 206.51.36.0/22
  172. deny from 216.52.23.0/24
  173. # cyveillance (already blocked 38.*)
  174. deny from 38.100.19.8/29
  175. deny from 38.100.21.0/24
  176. deny from 38.100.41.64/26
  177. deny from 38.105.71.0/25
  178. deny from 38.105.83.0/27
  179. deny from 38.112.21.140/30
  180. deny from 38.118.42.32/29
  181. deny from 65.213.208.128/27
  182. deny from 65.222.176.96/27
  183. deny from 65.222.185.72/29
  184. # Cyberpatrol
  185. deny from 38.103.17.160/27
  186. # Internet Identity - Anti-Phishing
  187. deny from 66.113.96.0/20
  188. deny from 70.35.113.192/27
  189. # Ironport
  190. deny from 204.15.80.0/22
  191. # Lightspeed Systems Security
  192. deny from 66.17.15.128/26
  193. deny from 69.84.207.32/27
  194. deny from 69.84.207.128/25
  195. # Layered Technologies
  196. deny from 72.36.128.0/17
  197. deny from 72.232.0.0/16
  198. deny from 72.233.0.0/17
  199. deny from 216.32.0.0/14
  200. # M86
  201. deny from 67.192.231.224/29
  202. deny from 208.90.236.0/22
  203. # McAfee-Secure-Computing
  204. deny from 69.48.241.64/26
  205. deny from 80.66.0.0/19
  206. deny from 192.55.214.0/24
  207. deny from 207.67.117.0/24
  208. # Phish-Inspector.com
  209. deny from 209.147.127.208/28
  210. # Prescient Software, Inc. Phishmongers
  211. deny from 198.186.190.0/23
  212. deny from 198.186.192.0/23
  213. deny from 198.186.194.0/24
  214. # urlfilterdb
  215. deny from 207.210.99.32/29
  216. # websense-in.car1.sandiego1.level3.net
  217. deny from 4.53.120.22
  218. # Websense
  219. deny from 66.194.6.0/24
  220. deny from 67.117.201.128/28
  221. deny from 69.67.32.0/20
  222. deny from 131.191.87.0/24
  223. deny from 204.15.64.0/21
  224. deny from 208.80.192.0/21
  225. deny from 212.62.26.64/27
  226. deny from 213.168.226.0/24
  227. deny from 213.168.241.0/30
  228. deny from 213.168.242.0/30
  229. deny from 213.236.150.16/28
  230. # Yandex
  231. deny from 77.88.0.0/18
  232. deny from 77.88.22.0/23
  233. deny from 77.88.24.0/21
  234. deny from 77.88.24.0/22
  235. deny from 77.88.28.0/22
  236. deny from 77.88.36.0/23
  237. deny from 77.88.42.0/23
  238. deny from 77.88.44.0/24
  239. deny from 77.88.50.0/23
  240. deny from 87.250.224.0/19
  241. deny from 87.250.230.0/23
  242. deny from 87.250.252.0/22
  243. deny from 93.158.128.0/18
  244. deny from 93.158.137.0/24
  245. deny from 93.158.144.0/21
  246. deny from 93.158.144.0/23
  247. deny from 93.158.146.0/23
  248. deny from 93.158.148.0/22
  249. deny from 95.108.128.0/17
  250. deny from 95.108.128.0/24
  251. deny from 95.108.152.0/22
  252. deny from 95.108.216.0/23
  253. deny from 95.108.240.0/21
  254. deny from 95.108.248.0/23
  255. deny from 178.154.128.0/17
  256. deny from 178.154.160.0/22
  257. deny from 178.154.164.0/23
  258. deny from 199.36.240.0/22
  259. deny from 213.180.192.0/19
  260. deny from 213.180.204.0/24
  261. deny from 213.180.206.0/23
  262. deny from 213.180.209.0/24
  263. deny from 213.180.218.0/23
  264. deny from 213.180.220.0/23
  265. # End Custom Blocks
  266.  
  267. ############# Below Added by Jim Walker, Hackrepair.com
  268. ### If problem with sites go ahead and delete this anti-hacker text
  269.  
  270. Options -Indexes
  271. # FILTER REQUEST METHODS
  272. RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
  273. RewriteRule ^(.*)$ - [F,L]
  274.  
  275. # QUERY STRING EXPLOITS
  276. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
  277. RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
  278. RewriteCond %{QUERY_STRING} tag\= [NC,OR]
  279. RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
  280. RewriteCond %{QUERY_STRING} http\: [NC,OR]
  281. RewriteCond %{QUERY_STRING} https\: [NC,OR]
  282. RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
  283. RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
  284. RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
  285. RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
  286. RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
  287. RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
  288. RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
  289. RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
  290. RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
  291. RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
  292. RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC]
  293. RewriteRule ^(.*)$ - [F,L]
  294. ############# Above Added by Jim Walker, Hackrepair.com
  295. # Add a couple extra line breaks below this
RAW Paste Data