Extra Script For .htaccess »  Show posts from    to     

Icy Phoenix


Old Support Topics - Extra Script For .htaccess



jz [ Mon 08 Jan, 2007 00:02 ]
Post subject: Extra Script For .htaccess
Hi there,

I was wondering if it was worth adding the code below to the .htaccess file, or is it already featured?

Code: [Hide] [Select]
########## Begin - Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits


Mighty Gorgon [ Mon 08 Jan, 2007 14:36 ]
Post subject: Re: Extra Script For .htaccess
Good suggestion... added...


jz [ Mon 08 Jan, 2007 18:15 ]
Post subject: Re: Extra Script For .htaccess
Here's a few more Spam Bots
Code: [Hide]
  1. RewriteCond %{HTTP_REFERER} ^(.*)appraiserseek.com(.*)$ [OR]  
  2. RewriteCond %{HTTP_REFERER} ^(.*)beyonddc.com(.*)$ [OR]  
  3. RewriteCond %{HTTP_REFERER} ^(.*)soltyra.com(.*)$ [OR]  
  4. RewriteCond %{HTTP_REFERER} ^(.*)wrongsideoftown.com(.*)$ [OR]  
  5. RewriteCond %{HTTP_REFERER} ^(.*)estranky.cz(.*)$ [OR]  
  6. RewriteCond %{HTTP_REFERER} ^(.*)bramjnet.com(.*)$ [OR]  
  7. RewriteCond %{HTTP_REFERER} ^(.*)voila.fr(.*)$ [OR]  
  8. RewriteCond %{HTTP_REFERER} ^(.*)anonym.to(.*)$ [OR]  
  9. RewriteCond %{HTTP_REFERER} ^(.*)infobox.ru(.*)$ [OR]  
  10. RewriteCond %{HTTP_REFERER} ^(.*)porndors.com(.*)$ [OR]  
  11. RewriteCond %{HTTP_REFERER} ^(.*)atspace.com(.*)$ [OR]  
  12. RewriteCond %{HTTP_REFERER} ^(.*)funpic.de(.*)$ [OR]  
  13. RewriteCond %{HTTP_REFERER} ^(.*)skynet.be(.*)$ [OR]  
  14. RewriteCond %{HTTP_REFERER} ^(.*)kokoom.com(.*)$ [OR]  
  15. RewriteCond %{HTTP_REFERER} ^(.*)jeeran.com(.*)$ [OR]  
  16. RewriteCond %{HTTP_REFERER} ^(.*)blog.cz(.*)$ [OR]  
  17. RewriteCond %{HTTP_REFERER} ^(.*)forumw.org(.*)$ [OR]  
  18. RewriteCond %{HTTP_REFERER} ^(.*)gfxgfx.net(.*)$ [OR]  
  19. RewriteCond %{HTTP_REFERER} ^(.*)fateback.com(.*)$ [OR]  
  20. RewriteCond %{HTTP_REFERER} ^(.*)volny.cz(.*)$ [OR]  
  21. RewriteCond %{HTTP_REFERER} ^(.*)thecanalgallery.com(.*)$ 


Mighty Gorgon [ Mon 08 Jan, 2007 18:42 ]
Post subject: Re: Extra Script For .htaccess
Thanks... too late for the beta, but ok for next release...


jz [ Thu 11 Jan, 2007 00:51 ]
Post subject: Re: Extra Script For .htaccess
No prob,

untill the final I'll probable have a few more


Mighty Gorgon [ Thu 11 Jan, 2007 02:31 ]
Post subject: Re: Extra Script For .htaccess
jz wrote: [View Post]
No prob,

untill the final I'll probable have a few more

We are waiting for them...




Powered by Icy Phoenix