.htaccess Generator

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ben Stones
    replied
    Originally posted by Murakami View Post
    Explain me please what is htaccess generator?
    It allows you to easily create .htaccess rules for .htaccess files that are usually placed in the root website folder (i.e. on cPanel this would be the public_html or www folder). .htaccess can be used to block specific IPs from accessing a particular folder (or your entire website) and much much more.

    For more information on .htaccess, read: .htaccess - Wikipedia, the free encyclopedia

    Leave a comment:


  • Murakami
    replied
    Explain me please what is htaccess generator?

    Leave a comment:


  • _Chris_
    replied
    Yep, I would like to know as well.

    Leave a comment:


  • digi1001
    replied
    Thanks for the tip. Would using the rules in the post by _Chris_ above, compromise security?

    Leave a comment:


  • _Chris_
    replied
    That looks good. It would also be good that no-one else could edit the htaccess - what is the best way of ensuring that ? How safe and secure, is :

    <FILES .htaccess>
    order allow,deny
    deny from all
    </FILES>

    Leave a comment:


  • Davidpoul
    replied
    I check the site and I notice that it help me lot. Thank for this

    Leave a comment:


  • mobile_walls
    replied
    I would like to share some lines that are very useful against vulnerability and could make higher load to your site

    Code:
    # prevent access from santy webworm a-e 
    RewriteCond %{QUERY_STRING} ^(.*)highlight=\%2527 [OR]
    RewriteCond %{QUERY_STRING} ^(.*)echr(.*) [OR] 
    RewriteCond %{QUERY_STRING}% s:(.*)252echr [OR]
    RewriteCond %{QUERY_STRING} ^(.*)esystem(.*) [OR]
    RewriteCond %{QUERY_STRING} ^(.*)rush=\%65\%63\%68 [OR] 
    RewriteCond %{QUERY_STRING} ^(.*)rush=echo [OR] 
    RewriteCond %{QUERY_STRING} ^(.*)wget\%20 [OR] 
    RewriteCond %{QUERY_STRING}% s:(.*)wget
    RewriteRule ^.*$ http://127.0.0.1/ [R,L] 
    
    # prevent pre php 4.3.10 bug 
    RewriteCond %{HTTP_COOKIE}% s:(.*):\%22test1\%22\%3b 
    RewriteRule ^.*$ http://127.0.0.1/ [R,L]  
    
    # this ruleset is to "stop" stupid attempts to use MS IIS Web Server expolits on us
    # NIMDA
    RewriteCond %{REQUEST_URI} /(admin|cmd|httpodbc|nsiislog|root|shell)\.(dll|exe) [NC]
    RewriteRule .* - [F,L]
    
    # CODERED
    RewriteCond %{REQUEST_URI} /default\.(ida|idq)$ [NC,OR]
    RewriteCond %{REQUEST_URI} /.*\.printer$ [NC]
    RewriteRule .* - [F,L]
    
    # IE's "make available offline" mode
    RewriteCond %{HTTP_USER_AGENT} MSIECrawler [OR]
    
    # unknown bot
    RewriteCond %{HTTP_USER_AGENT} ^NG [OR]
    
    # You may want to enable these lines below to disallow php and perl scripts to access your site
     RewriteCond %{HTTP_USER_AGENT} ^.*PHP.*$ [OR]
     RewriteCond %{HTTP_USER_AGENT} ^.*libwww-perl [NC,OR]
    
    # Ignorant user trying to edit my [url=http://www.eukhost.com/]website hosting[/url]
    RewriteCond %{HTTP_USER_AGENT} FrontPage [OR]
    #this one will ban everything microsoft. Use with caution.
    RewriteCond %{HTTP_USER_AGENT} ^(Microsoft|MFC).(Data|URL|WebDAV|Foundation).(Access|Control|MiniRedir|Class) [NC,OR]
    
    # MSOffice
    RewriteCond %{REQUEST_URI} ^/(MSOffice|_vti) [NC,OR]
    
    # Various
    RewriteCond %{REQUEST_URI} ^/(bin/|cgi/|cgi\-local/|cgi\-bin/|sumthin) [NC,OR]
    RewriteCond %{THE_REQUEST} ^GET\ http [NC,OR]
    RewriteCond %{REQUEST_URI} /sensepost\.exe [NC,OR]
    RewriteCond %{REQUEST_METHOD}!^(GET|HEAD|POST) [NC,OR]
    
    # Cyveillance is a spybot that scours the web for copyright violations and ?damaging information? on
    # behalf of clients such as the RIAA and MPAA. Their robot spoofs its User-Agent to look like Internet
    # Explorer, and it completely ignores robots.txt. I have
    # banned it by IP address.
    RewriteCond %{REMOTE_ADDR} ^63\.148\.99\.2(2[4-9]|[34][0-9]|5[0-5])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^63\.226\.3[34]\. [OR]
    RewriteCond %{REMOTE_ADDR} ^63\.212\.171\.161$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.118\.41\.(19[2-9]|2[01][0-9]|22[0-3])$ [OR]
    
    # NameProtect peddles their ?online brand monitoring? to unsuspecting and gullible companies
    # looking for people to sue. Despite the claims on their robot information page, they do not
    # respect robots.txt; in fact, they spoof their User-Agent in multiple ways to avoid detection.
    # I have banned them by User-Agent and IP address.
    RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^NPBot	[NC,OR]
    
    # Web Content International
    RewriteCond %{REMOTE_ADDR} ^65\.102\.12\.2(2[4-9]|3[01])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.102\.17\.(3[2-9]|[4-6][0-9]|7[01]|8[89]|9[0-5]|10[4-9]|11[01])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.102\.23\.1(5[2-9]|6[0-7])$ [OR]
    
    # dumb bot
    RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0$" [OR]
    
    # Wordtracker
    RewriteCond %{REMOTE_ADDR} ^128\.242\.197\.101$ [OR]
    
    # Unknown
    # unknown.Level3.net
    RewriteCond %{REMOTE_ADDR} ^64\.156\.198\.(6[89]|7[0-9]|80)$ [OR]
    
    # host25x.keebler.com
    RewriteCond %{REMOTE_ADDR} ^65\.223\.250\.25[0-3]$ [OR]
    
    # Turnitin spybot
    RewriteCond %{REMOTE_ADDR} ^64\.140\.49\.6([6-9])$ [OR]
    RewriteCond %{HTTP_USER_AGENT} TurnitinBot [OR]
    
    # this ruleset is for formmail script abusers...
    # we don't use Perl for Postnuke so this is not really needed.
    RewriteCond %{REQUEST_URI} (mail.?form|form|form.?mail|mail|mailto)\.(cgi|exe|pl)$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*FileHound.*$
    RewriteRule .* - [F,L]
    
    # dumb bot
    RewriteCond %{HTTP_USER_AGENT} "^Mozilla/3.0$" 
    RewriteRule .* - [F,L]
    
    <FILES .htaccess>
    order allow,deny 
    deny from all
    </FILES>
    Hope this help

    Leave a comment:


  • eUKhost.com
    replied
    [QUOTE=andreea360;28787]Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

    Thanks

    __________________

    Yes. You need to add "#" infront of respective line to comment it.
    Last edited by Ben Stones; 07-09-2008, 21:40.

    Leave a comment:


  • andreea360
    replied
    Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

    Thanks

    __________________
    Technology Transfer Company: http://www.yissum.co.il/

    Leave a comment:


  • shadows
    replied
    yeah, i saw that website lil time ago..when i tried to make it work and hadn't cpanel yeah.. hmm there are plenty other ways too..1.get cpanel 2.get plesk 3. get other panel 4. other other panel lol yeah

    Thanks
    Last edited by Ben Stones; 19-08-2011, 19:36. Reason: Fixed problem where the word 'website' was replaced with 'website hosting' due to keyword replacement we had installed before

    Leave a comment:


  • eUKhost.com
    started a topic .htaccess Generator

    .htaccess Generator

    Found this helpful website on the web for generation of .htaccess

    htaccess Generator

    It seems to be very helpful for someone like me who has no knowledge of web development. You can generate a .htaccess file for rewrite rules, redirects, Map Folder To Script, Custom Error Documents, Rewrite Condition, Protect System Files, File Cache Control, Additional Mime Types, File Extensions, Default Page & Authentication.

    I hope this will help everyone over here and me as well
    Last edited by Ben Stones; 19-08-2011, 19:35.
Working...
X