.htaccess Generator

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    .htaccess Generator

    Found this helpful website on the web for generation of .htaccess

    htaccess Generator

    It seems to be very helpful for someone like me who has no knowledge of web development. You can generate a .htaccess file for rewrite rules, redirects, Map Folder To Script, Custom Error Documents, Rewrite Condition, Protect System Files, File Cache Control, Additional Mime Types, File Extensions, Default Page & Authentication.

    I hope this will help everyone over here and me as well
    Last edited by Ben Stones; 19-08-2011, 19:35.
    eUKhost - eNlight Cloud Hosting || eUKhost Knowledgebase
    Toll Free : 0808 262 0255 || Skype : mark_ducadi
    Tags: None
    #2
    yeah, i saw that website lil time ago..when i tried to make it work and hadn't cpanel yeah.. hmm there are plenty other ways too..1.get cpanel 2.get plesk 3. get other panel 4. other other panel lol yeah

    Thanks
    Last edited by Ben Stones; 19-08-2011, 19:36. Reason: Fixed problem where the word 'website' was replaced with 'website hosting' due to keyword replacement we had installed before

    Comment

      #3
      Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

      Thanks

      __________________
      Technology Transfer Company: http://www.yissum.co.il/

      Comment

        #4
        [QUOTE=andreea360;28787]Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

        Thanks

        __________________

        Yes. You need to add "#" infront of respective line to comment it.
        Last edited by Ben Stones; 07-09-2008, 21:40.
        eUKhost - eNlight Cloud Hosting || eUKhost Knowledgebase
        Toll Free : 0808 262 0255 || Skype : mark_ducadi

        Comment

          #5
          I would like to share some lines that are very useful against vulnerability and could make higher load to your site

          Code:
          # prevent access from santy webworm a-e 
RewriteCond %{QUERY_STRING} ^(.*)highlight=\%2527 [OR]
RewriteCond %{QUERY_STRING} ^(.*)echr(.*) [OR] 
RewriteCond %{QUERY_STRING}% s:(.*)252echr [OR]
RewriteCond %{QUERY_STRING} ^(.*)esystem(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)rush=\%65\%63\%68 [OR] 
RewriteCond %{QUERY_STRING} ^(.*)rush=echo [OR] 
RewriteCond %{QUERY_STRING} ^(.*)wget\%20 [OR] 
RewriteCond %{QUERY_STRING}% s:(.*)wget
RewriteRule ^.*$ http://127.0.0.1/ [R,L] 

# prevent pre php 4.3.10 bug 
RewriteCond %{HTTP_COOKIE}% s:(.*):\%22test1\%22\%3b 
RewriteRule ^.*$ http://127.0.0.1/ [R,L]  

# this ruleset is to "stop" stupid attempts to use MS IIS Web Server expolits on us
# NIMDA
RewriteCond %{REQUEST_URI} /(admin|cmd|httpodbc|nsiislog|root|shell)\.(dll|exe) [NC]
RewriteRule .* - [F,L]

# CODERED
RewriteCond %{REQUEST_URI} /default\.(ida|idq)$ [NC,OR]
RewriteCond %{REQUEST_URI} /.*\.printer$ [NC]
RewriteRule .* - [F,L]

# IE's "make available offline" mode
RewriteCond %{HTTP_USER_AGENT} MSIECrawler [OR]

# unknown bot
RewriteCond %{HTTP_USER_AGENT} ^NG [OR]

# You may want to enable these lines below to disallow php and perl scripts to access your site
 RewriteCond %{HTTP_USER_AGENT} ^.*PHP.*$ [OR]
 RewriteCond %{HTTP_USER_AGENT} ^.*libwww-perl [NC,OR]

# Ignorant user trying to edit my [url=http://www.eukhost.com/]website hosting[/url]
RewriteCond %{HTTP_USER_AGENT} FrontPage [OR]
#this one will ban everything microsoft. Use with caution.
RewriteCond %{HTTP_USER_AGENT} ^(Microsoft|MFC).(Data|URL|WebDAV|Foundation).(Access|Control|MiniRedir|Class) [NC,OR]

# MSOffice
RewriteCond %{REQUEST_URI} ^/(MSOffice|_vti) [NC,OR]

# Various
RewriteCond %{REQUEST_URI} ^/(bin/|cgi/|cgi\-local/|cgi\-bin/|sumthin) [NC,OR]
RewriteCond %{THE_REQUEST} ^GET\ http [NC,OR]
RewriteCond %{REQUEST_URI} /sensepost\.exe [NC,OR]
RewriteCond %{REQUEST_METHOD}!^(GET|HEAD|POST) [NC,OR]

# Cyveillance is a spybot that scours the web for copyright violations and ?damaging information? on
# behalf of clients such as the RIAA and MPAA. Their robot spoofs its User-Agent to look like Internet
# Explorer, and it completely ignores robots.txt. I have
# banned it by IP address.
RewriteCond %{REMOTE_ADDR} ^63\.148\.99\.2(2[4-9]|[34][0-9]|5[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^63\.226\.3[34]\. [OR]
RewriteCond %{REMOTE_ADDR} ^63\.212\.171\.161$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.118\.41\.(19[2-9]|2[01][0-9]|22[0-3])$ [OR]

# NameProtect peddles their ?online brand monitoring? to unsuspecting and gullible companies
# looking for people to sue. Despite the claims on their robot information page, they do not
# respect robots.txt; in fact, they spoof their User-Agent in multiple ways to avoid detection.
# I have banned them by User-Agent and IP address.
RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot	[NC,OR]

# Web Content International
RewriteCond %{REMOTE_ADDR} ^65\.102\.12\.2(2[4-9]|3[01])$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.102\.17\.(3[2-9]|[4-6][0-9]|7[01]|8[89]|9[0-5]|10[4-9]|11[01])$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.102\.23\.1(5[2-9]|6[0-7])$ [OR]

# dumb bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0$" [OR]

# Wordtracker
RewriteCond %{REMOTE_ADDR} ^128\.242\.197\.101$ [OR]

# Unknown
# unknown.Level3.net
RewriteCond %{REMOTE_ADDR} ^64\.156\.198\.(6[89]|7[0-9]|80)$ [OR]

# host25x.keebler.com
RewriteCond %{REMOTE_ADDR} ^65\.223\.250\.25[0-3]$ [OR]

# Turnitin spybot
RewriteCond %{REMOTE_ADDR} ^64\.140\.49\.6([6-9])$ [OR]
RewriteCond %{HTTP_USER_AGENT} TurnitinBot [OR]

# this ruleset is for formmail script abusers...
# we don't use Perl for Postnuke so this is not really needed.
RewriteCond %{REQUEST_URI} (mail.?form|form|form.?mail|mail|mailto)\.(cgi|exe|pl)$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FileHound.*$
RewriteRule .* - [F,L]

# dumb bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/3.0$" 
RewriteRule .* - [F,L]

<FILES .htaccess>
order allow,deny 
deny from all
</FILES>
          Hope this help
          - - -

          Comment

            #6
            I check the site and I notice that it help me lot. Thank for this
            David Poul

            Comment

              #7
              That looks good. It would also be good that no-one else could edit the htaccess - what is the best way of ensuring that ? How safe and secure, is :

              <FILES .htaccess>
              order allow,deny
              deny from all
              </FILES>
              eUKhost

              Comment

                #8
                Thanks for the tip. Would using the rules in the post by _Chris_ above, compromise security?

                Comment

                  #9
                  Yep, I would like to know as well.
                  eUKhost

                  Comment

                    #10
                    Explain me please what is htaccess generator?

                    Comment

                      #11
                      Originally posted by Murakami View Post
                      Explain me please what is htaccess generator?
                      It allows you to easily create .htaccess rules for .htaccess files that are usually placed in the root website folder (i.e. on cPanel this would be the public_html or www folder). .htaccess can be used to block specific IPs from accessing a particular folder (or your entire website) and much much more.

                      For more information on .htaccess, read: .htaccess - Wikipedia, the free encyclopedia

                      Comment

                      Previous template Next
                      Working...
                      X