Mighty Gorgon
Site Admin


Joined: August 2006
Posts: 5752
Location: Borgo San Michele
|
 058-008 & 009 - HTACCESS & Errors
Hi all.
For all those who cannot set REGISTER_GLOBALS to OFF, I've created this HTACCESS that may block hacking via RFI (Remote File Injection).
HTACCESS modification requires Apache Rewrite Engine set to ENABLED to work and is not needed for those who have REGISTER_GLOBALS set to OFF.
Here is the part to insert in your HTACCESS in the root of your site:
##################################
# Block Hacking Attempts - BEGIN #
##################################
##################################
# CONDITIONS
##################################
# STRICT CONDITION
#RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path|album_root_path|module_root_path|mx_root_path|upi2db_file_path).*$
# LESS STRICT CONDITION
RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path=|album_root_path=|module_root_path=|mx_root_path=|upi2db_file_path=).*$
##################################
# REWRITE
##################################
# FORBIDDEN
#RewriteRule ^.*$ - [F,L]
# REDIRECT TO LOCALHOST
RewriteRule ^.*$ http://127.0.0.1/ [redirect,last]
##################################
##################################
# Block Hacking Attempts - END #
##################################
This will redirect all hacking attempts using the most common known vars (these should be the only ones used in XS; if you install other mods, you may want to add other vars as well) to the localhost of the hacker.
I left commented out the option to generate an error that will be logged by the XS errors function, for which I attach the new file here.
So here attached you will find:
- Premodified standard XS HTACCESS
- New ERRORS.PHP file (replace the old with this one)
The file errors.php is independent of HTACCESS, so you should apply this patch even if you are not modifying your HTACCESS.
Attachments:
- 058_009_errors.zip (058-009 - Errors), 2.35 KB, downloaded 150 time(s)
- 058_008_htaccess.zip (058-008 - HTACCESS), 5.21 KB, downloaded 146 time(s)
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#1 Tue 29 Aug, 2006 10:09 |
|
 |
| Thanks for the useful Topic Mighty Gorgon: |
| Hakkinen (29 August), ThE KuKa (29 August), zankyw (02 September) |
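As an added example (not part of the original post or of the Icy Phoenix code), the two RewriteCond patterns from the post can be replayed over access-log lines, next to a check on the parsed parameter names, to see what each one flags. The log lines, addresses, host names and the helper names `classify` and `scan` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Variable names copied from the RewriteCond lines in the post.
NAMES = ("phpbb_root_path", "album_root_path", "module_root_path",
         "mx_root_path", "upi2db_file_path")
# The post's two conditions, re-expressed with Python's re module.
STRICT = re.compile("^.*(" + "|".join(NAMES) + ").*$")
LESS_STRICT = re.compile("^.*(" + "|".join(n + "=" for n in NAMES) + ").*$")
# Request part of an Apache common/combined log line: "METHOD target PROTOCOL"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation addresses, invented paths).
SAMPLE_LOG = [
    '203.0.113.5 - - [29/Aug/2006:10:01:00 +0200] "GET /viewtopic.php?t=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [29/Aug/2006:10:02:00 +0200] "GET /includes/functions.php?phpbb_root_path=http://host.example/a.txt? HTTP/1.1" 302 210',
    '203.0.113.7 - - [29/Aug/2006:10:03:00 +0200] "GET /search.php?search_keywords=phpbb_root_path HTTP/1.1" 200 2048',
    '203.0.113.9 - - [29/Aug/2006:10:04:00 +0200] "GET /album.php?album_root_path=../ HTTP/1.1" 302 210',
]

def classify(line):
    """Return (strict, less_strict, names_set_as_parameters) for one log line."""
    m = REQUEST.search(line)
    if not m:
        return (False, False, [])
    # mod_rewrite sees the raw query string, so the regexes run on it unchanged.
    query = urlsplit(m.group(1)).query
    # Split into (name, value) pairs with percent-decoding, as the application would.
    params = parse_qsl(query, keep_blank_values=True)
    hits = sorted({name for name, _ in params if name in NAMES})
    return (bool(STRICT.match(query)), bool(LESS_STRICT.match(query)), hits)

def scan(lines):
    """Keep only the lines that at least one of the three checks flags."""
    return [(i, r) for i, r in enumerate(map(classify, lines)) if any(r)]

if __name__ == "__main__":
    for index, (strict, less, hits) in scan(SAMPLE_LOG):
        print(index, "strict" if strict else "-", "less-strict" if less else "-", hits)
```

On the sample, the strict pattern also fires on the search request that only mentions a variable name in its value, while the less strict pattern and the parsed-parameter check do not.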
 |
 |
Nizzle

Joined: August 2006
Posts: 152
Location: Dordrecht..
|
 Re: 058-008 & 009 - HTACCESS & Errors
you've put my part in that .htaccess
BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again
bringing them into a loop
which makes them useless..
is there a site like that?
____________ check out my site sometime
www.Dutch-HQ.net
|
#2 Tue 29 Aug, 2006 13:47 |
|
 |
Lucky

Joined: August 2006
Posts: 106
|
 Re: 058-008 & 009 - HTACCESS & Errors
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !
But I must change the errors file.
Is it all right?
|
#3 Tue 29 Aug, 2006 14:13 |
|
 |
Lucky

Joined: August 2006
Posts: 106
|
 Re: 058-008 & 009 - HTACCESS & Errors
At phpbb-seo they have suggested that I make these changes in .htaccess
1)
Move
#make sure the whole site goes to www.mysite.com
#instead of mysite.com. This is good for the search engines
#Edit and uncomment the below lines for your own site.
RewriteCond %{HTTP_HOST} ^mysite.org
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]
between
RewriteEngine On
and
RewriteBase /
2)
put [L] at the end of every RewriteRule
More details about this discussion you can find HERE
What do you think about it ?
|
#4 Tue 29 Aug, 2006 14:23 |
|
 |
Mighty Gorgon
Site Admin


Joined: August 2006
Posts: 5752
Location: Borgo San Michele
|
 Re: 058-008 & 009 - HTACCESS & Errors
you've put my part in that .htaccess
BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again
bringing them into a loop
which makes them useless..
is there a site like that? 
Great idea... we can buy a domain and do it! Then we will sell banners...
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !
But I must change the errors file.
Is it all right?
Right!
At phpbb-seo they have suggested that I make these changes in .htaccess
...
What do you think about it ?
Yes it does make sense...
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#5 Thu 31 Aug, 2006 01:37 |
|
 |
Nizzle

Joined: August 2006
Posts: 152
Location: Dordrecht..
|
 Re: 058-008 & 009 - HTACCESS & Errors
got a new spammer site thingy..
____________ check out my site sometime
www.Dutch-HQ.net
|
#6 Thu 31 Aug, 2006 18:12 |
|
 |
hpl

Joined: August 2006
Posts: 301
Location: Trieste
|
 Re: 058-008 & 009 - HTACCESS & Errors
this is ok for Aruba??...
|
#7 Sat 02 Sep, 2006 10:44 |
|
 |
Mighty Gorgon
Site Admin


Joined: August 2006
Posts: 5752
Location: Borgo San Michele
|
 Re: 058-008 & 009 - HTACCESS & Errors
this is ok for Aruba??...
Yes... it is working here.
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#8 Sat 02 Sep, 2006 13:22 |
|
 |
Nizzle

Joined: August 2006
Posts: 152
Location: Dordrecht..
|
 Re: 058-008 & 009 - HTACCESS & Errors
today I've found yet some others..
RewriteCond %{HTTP_REFERER} ^(.*)alcotour.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)goldadornment.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)mifec.org(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)1awm.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)toruc.org(.*)$ [OR]
all from the same damn site
____________ check out my site sometime
www.Dutch-HQ.net
|
#9 Mon 04 Sep, 2006 21:20 |
|
 |
fracs
Contributor

     
Joined: August 2006
Posts: 66
Location: Cosenza
|
 Re: 058-008 & 009 - HTACCESS & Errors
My error log:
script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842
and more of this.
____________ Cosenza United::FCC
My Problem Child
|
#10 Tue 19 Sep, 2006 09:06 |
|
 |
Mighty Gorgon
Site Admin


Joined: August 2006
Posts: 5752
Location: Borgo San Michele
|
 Re: 058-008 & 009 - HTACCESS & Errors
My error log:
script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842
and more of this.
It seems you are missing that file... or you may have to set a different path to errors.php...
Do you have your forum in a subfolder?
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#11 Wed 20 Sep, 2006 00:37 |
|
 |
fracs
Contributor

     
Joined: August 2006
Posts: 66
Location: Cosenza
|
 Re: 058-008 & 009 - HTACCESS & Errors
error.php is in root of forum /forum/error.php, /html/ is root of the site...
0: [client 66.249.65.xxx] PHP Fatal error: Call to undefined function: session_pagestart() in /home/cosenzau/cosenzaunited.org/html/errors.php on line 49
1: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './common.' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
2: [client 66.249.65.xxx] PHP Warning: main(./common.): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
3: [client 66.249.65.xxx] PHP Notice: Undefined variable: phpEx in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
4: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './extension.inc' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23
5: [client 66.249.65.xxx] PHP Warning: main(./extension.inc): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23
____________ Cosenza United::FCC
My Problem Child
|
#12 Wed 20 Sep, 2006 08:13 |
|
 |
Nizzle

Joined: August 2006
Posts: 152
Location: Dordrecht..
|
 Re: 058-008 & 009 - HTACCESS & Errors
you've put my part in that .htaccess
BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again
bringing them into a loop
which makes them useless..
is there a site like that? 
Great idea... we can buy a domain and do it! Then we will sell banners... 
you'd get a shitload of visitors
put it in the default .htaccess for XS and you'll get even more
____________ check out my site sometime
www.Dutch-HQ.net
|
#13 Sat 23 Sep, 2006 14:40 |
|
 |
|
|