Permalink
Switch branches/tags
Nothing to show
Find file
Fetching contributors…
Cannot retrieve contributors at this time
187 lines (157 sloc) 8.88 KB
#php_flag register_globals 0
#php_flag register_globals off
#php_flag magic_quotes_gpc on
#php_value memory_limit 16M
#Options +FollowSymlinks
# Disable the files listing feature
#Options All -Indexes
##################################
# Errors Pages - BEGIN #
##################################
##################################
# Decomment these lines to enable error document management.
# You can add absolute path if you want always the correct path being parsed.
# Something like:
# ErrorDocument 400 http://www.icyphoenix.com/errors.php?code=400
##################################
#ErrorDocument 400 /errors.php?code=400
#ErrorDocument 401 /errors.php?code=401
#ErrorDocument 403 /errors.php?code=403
#ErrorDocument 404 /errors.php?code=404
#ErrorDocument 500 /errors.php?code=500
##################################
# Errors Pages - END #
##################################
RewriteEngine On
#This may cause issues with subdirs and so it is not enabled by default.
#RewriteBase /
#Make sure the whole site goes to www.mysite.com instead of mysite.com. This is good for the search engines
#Edit and uncomment the below lines for your own site.
#Make sure to replace icyphoenix.com with your site address.
#RewriteCond %{HTTP_HOST} ^icyphoenix.com
#RewriteRule (.*) http://www.icyphoenix.com/$1 [R=301,L]
#Permanent redirection (the first line is the old domain, the second one is the new domain)
#RewriteCond %{HTTP_HOST} ^icyphoenix.com [NC]
#RewriteRule ^(.*)$ http://www.icyphoenix.com/$1 [R=301,L]
########## Rewrite rules to block out some common exploits - BEGIN
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## Rewrite rules to block out some common exploits - END
########## URL Rewrite - BEGIN
RewriteRule ^.+-vf([0-9]*)-vt([0-9]*)-vp([0-9]*) ./viewtopic.php?f=$1&t=$2&p=$3&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*)-vt([0-9]*) ./viewtopic.php?f=$1&t=$2&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*)-vp([0-9]*) ./viewtopic.php?f=$1&p=$2&%{QUERY_STRING} [L]
RewriteRule ^.+-vc([0-9]*) ./forum.php?c=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*) ./viewforum.php?f=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vt([0-9]*) ./viewtopic.php?t=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vp([0-9]*) ./viewtopic.php?p=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-profile-u([0-9]*) ./profile.php?mode=viewprofile&u=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-ac([0-9]*) ./album_cat.php?cat_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-aspf([0-9]*) ./album_showpage.php?pic_id=$1&full=true&%{QUERY_STRING} [L]
RewriteRule ^.+-asp([0-9]*) ./album_showpage.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-aper([0-9]*) ./album_personal.php?user_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-apic([0-9]*) ./album_pic.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-apm([0-9]*) ./album_picm.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-at([0-9]*) ./album_thumbnail.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-dc([0-9]*) ./dload.php?action=category&cat_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-df([0-9]*) ./dload.php?action=file&file_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kbc([0-9]*) ./kb.php?mode=cat&cat=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kba([0-9]*) ./kb.php?mode=article&k=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kbsmp ./kb.php?mode=stats&stats=mostpopular&%{QUERY_STRING} [L]
RewriteRule ^.+-kbstr ./kb.php?mode=stats&stats=toprated&%{QUERY_STRING} [L]
RewriteRule ^.+-kbsl ./kb.php?mode=stats&stats=latest&%{QUERY_STRING} [L]
RewriteRule ^.+-pbc([0-9]*) ./kb.php?mode=cat&cat=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-pa([0-9]*) ./kb.php?mode=article&k=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-psmp ./kb.php?mode=stats&stats=mostpopular&%{QUERY_STRING} [L]
RewriteRule ^.+-pstr ./kb.php?mode=stats&stats=toprated&%{QUERY_STRING} [L]
RewriteRule ^.+-pbsl ./kb.php?mode=stats&stats=latest&%{QUERY_STRING} [L]
########## URL Rewrite - END
# Block if useragent and referer are unknown.
# the referer string can cause some problems with mozilla so it has been disabled
#RewriteCond %{HTTP_REFERER} ^.*$ [OR]
#RewriteCond %{HTTP_REFERER} ^-$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^-$ [OR]
# You may want to enable these lines below to disallow php and perl scripts to access your site
#RewriteCond %{HTTP_USER_AGENT} ^.*PHP.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww.* [NC]
RewriteRule .* - [F,L]
#SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
#Deny from env=block_bad_bots
### VIRUS - EXPLOITS - BEGIN
# SANTY
RewriteCond %{HTTP_REFERER} ^.*$
RewriteRule ^.*%27.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*%25.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*rush=.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*echr.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*esystem.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*wget.*$ http://127.0.0.1/ [redirect,last]
RewriteCond %{HTTP_COOKIE}% s:(.*):%22test1%22%3b
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
# Prevent perl user agent (most often used by santy)
RewriteCond %{HTTP_USER_AGENT} ^lwp.* [NC]
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
# This ruleset is to "stop" stupid attempts to use MS IIS expolits on us
# NIMDA
RewriteCond %{REQUEST_URI} /(admin¦cmd¦httpodbc¦nsiislog¦root¦shell)\.(dll¦exe) [NC]
RewriteRule !(error\.php|robots\.txt) /error.php?mode=nimda [L,E=HTTP_USER_AGENT:NIMDA_EXPLOIT,T=application/x-httpd-cgi]
# CODERED
RewriteCond %{REQUEST_URI} /default\.(ida¦idq)$ [NC,OR]
RewriteCond %{REQUEST_URI} /.*\.printer$ [NC]
RewriteRule !(error\.php|robots\.txt) /error.php?mode=codered [L,E=HTTP_USER_AGENT:CODERED_EXPLOIT,T=application/x-httpd-cgi]
### VIRUS - EXPLOITS - END
# User-Agents with no privileges (mostly spambots/spybots/offline downloaders that ignore robots.txt)
# These bots are anoying website harvesting tools, webdownloaders, and a few misc annoyances.
# Bots ignoring robots.txt - BEGIN
#RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR]
### All bots removed to speed up things in htaccess...
# Bots ignoring robots.txt - END
# Rude Bots - BEGIN
### All bots removed to speed up things in htaccess...
# Rude Bots - END
# SPAM Referers - BEGIN
### All bots removed to speed up things in htaccess...
# SPAM Referers - END
# IE's "make available offline" mode
RewriteCond %{HTTP_USER_AGENT} MSIECrawler [OR]
# Various
RewriteCond %{REQUEST_URI} ^/(bin/|cgi/|cgi\-local/|cgi\-bin/|sumthin) [NC,OR]
RewriteCond %{THE_REQUEST} ^GET\ http [NC,OR]
RewriteCond %{REQUEST_METHOD}!^(GET|HEAD|POST) [NC,OR]
# Cyveillance is a spybot that scours the web for copyright violations and ?damaging information? on
# behalf of clients such as the RIAA and MPAA. Their robot spoofs its User-Agent to look like Internet
# Explorer, and it completely ignores robots.txt. So it has been banned it by IP address.
RewriteCond %{REMOTE_ADDR} ^63\.148\.99\.2(2[4-9]|[34][0-9]|5[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^63\.226\.3[34]\. [OR]
RewriteCond %{REMOTE_ADDR} ^63\.212\.171\.161$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.118\.41\.(19[2-9]|2[01][0-9]|22[0-3])$ [OR]
# NameProtect peddles their ?online brand monitoring? to unsuspecting and gullible companies
# looking for people to sue. Despite the claims on their robot information page, they do not
# respect robots.txt; in fact, they spoof their User-Agent in multiple ways to avoid detection.
# I have banned them by User-Agent and IP address.
RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot [NC,OR]
# This ruleset is for formmail script abusers...
# We don't use Perl for Postnuke so this is not really needed.
RewriteCond %{REQUEST_URI} (mail.?form|form|form.?mail|mail|mailto)\.(cgi¦exe¦pl)$ [NC]
# Used to send these bots to someplace else you can change the url to whatever you would like
#RewriteRule .* http://www.microsoft.com/ [F,R,L]
#RewriteRule /* http://www.geocities.com/WestHollywood/Heights/3204/1home.html [L,R]
#RewriteRule !(errors\.php|robots\.txt) /errors.php?code=404 [L,E=HTTP_USER_AGENT:BAD_USER_AGENT]
#RewriteRule !(errors\.php|robots\.txt) /errors.php?code=404 [L,E=HTTP_USER_AGENT:FORMMAIL_EXPLOIT,T=application/x-httpd-cgi]
# This could also be used to simply deny access to your site instead of the one above
RewriteRule .* - [F,L]