Permalink
Find file
Fetching contributors…
Cannot retrieve contributors at this time
135 lines (111 sloc) 5.92 KB
#php_flag register_globals 0
#php_flag register_globals off
#php_flag magic_quotes_gpc on
#php_value memory_limit 16M
#Options +FollowSymlinks
# Disable the files listing feature
#Options All -Indexes
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
### MOD REWRITE ###
<IfModule mod_rewrite.c>
RewriteEngine On
#This may cause issues with subdirs and so it is not enabled by default.
#RewriteBase /
#Make sure the whole site goes to www.mysite.com instead of mysite.com. This is good for the search engines
#Edit and uncomment the below lines for your own site.
#Make sure to replace icyphoenix.com with your site address.
#RewriteCond %{HTTP_HOST} ^icyphoenix.com [NC]
#RewriteRule (.*) http://www.icyphoenix.com/$1 [R=301,L]
#Permanent redirection of a folder: example --> www.domain.com/old/ --> www.domain.com/new/
#RewriteRule old/(.*)$ new/$1 [R=301,L]
#Permanent redirection from WWW to domain name only: example --> www.domain.com --> domain.com
#RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
#RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
#Permanent redirection (the first line is the old domain, the second one is the new domain)
#RewriteCond %{HTTP_HOST} ^icyphoenix.com [NC]
#RewriteRule ^(.*)$ http://www.icyphoenix.com/$1 [R=301,L]
########## Rewrite rules to block out some common exploits - BEGIN
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [NC,OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [NC,OR]
# Various
RewriteCond %{REQUEST_URI} ^/(bin/|cgi/|cgi\-local/|cgi\-bin/|sumthin) [NC,OR]
RewriteCond %{THE_REQUEST} ^GET\ http [NC,OR]
RewriteCond %{REQUEST_METHOD}!^(GET|HEAD|POST) [NC,OR]
# You may want to enable these lines below to disallow php and perl scripts to access your site
#RewriteCond %{HTTP_USER_AGENT} ^.*PHP.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww.* [NC]
# Send all blocked request to homepage with 403 Forbidden error!
# Please make sure the last "RewriteCond" doesn't end with [OR] otherwise "RewriteRule" will be forced!!!
RewriteRule !(errors\.php|robots\.txt) ./errors.php?code=403 [F,L]
# You may use any other of these RewriteRule if you wish...
# Used to send these bots to someplace else you can change the url to whatever you would like
#RewriteRule .* http://www.microsoft.com/ [F,R,L]
#RewriteRule /* http://www.geocities.com/WestHollywood/Heights/3204/1home.html [L,R]
# This could also be used to simply deny access to your site instead of the one above
#RewriteRule .* - [F,L]
#
########## Rewrite rules to block out some common exploits - END
########## URL Rewrite - BEGIN
RewriteRule ^.+-vf([0-9]*)-vt([0-9]*)-vp([0-9]*) ./viewtopic.php?f=$1&t=$2&p=$3&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*)-vt([0-9]*) ./viewtopic.php?f=$1&t=$2&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*)-vp([0-9]*) ./viewtopic.php?f=$1&p=$2&%{QUERY_STRING} [L]
RewriteRule ^.+-vc([0-9]*) ./forum.php?c=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vf([0-9]*) ./viewforum.php?f=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vt([0-9]*) ./viewtopic.php?t=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-vp([0-9]*) ./viewtopic.php?p=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-profile-u([0-9]*) ./profile.php?mode=viewprofile&u=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-ac([0-9]*) ./album_cat.php?cat_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-aspf([0-9]*) ./album_showpage.php?pic_id=$1&full=true&%{QUERY_STRING} [L]
RewriteRule ^.+-asp([0-9]*) ./album_showpage.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-aper([0-9]*) ./album_personal.php?user_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-apic([0-9]*) ./album_pic.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-apm([0-9]*) ./album_picm.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-at([0-9]*) ./album_thumbnail.php?pic_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-dc([0-9]*) ./dload.php?action=category&cat_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-df([0-9]*) ./dload.php?action=file&file_id=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kbc([0-9]*) ./kb.php?mode=cat&cat=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kba([0-9]*) ./kb.php?mode=article&k=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-kbsmp ./kb.php?mode=stats&stats=mostpopular&%{QUERY_STRING} [L]
RewriteRule ^.+-kbstr ./kb.php?mode=stats&stats=toprated&%{QUERY_STRING} [L]
RewriteRule ^.+-kbsl ./kb.php?mode=stats&stats=latest&%{QUERY_STRING} [L]
RewriteRule ^.+-pbc([0-9]*) ./kb.php?mode=cat&cat=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-pa([0-9]*) ./kb.php?mode=article&k=$1&%{QUERY_STRING} [L]
RewriteRule ^.+-psmp ./kb.php?mode=stats&stats=mostpopular&%{QUERY_STRING} [L]
RewriteRule ^.+-pstr ./kb.php?mode=stats&stats=toprated&%{QUERY_STRING} [L]
RewriteRule ^.+-pbsl ./kb.php?mode=stats&stats=latest&%{QUERY_STRING} [L]
########## URL Rewrite - END
</IfModule>
##################################
# Errors Pages - BEGIN #
##################################
##################################
# Decomment these lines to enable error document management.
# You can add absolute path if you want always the correct path being parsed.
# Something like:
# ErrorDocument 400 http://www.icyphoenix.com/errors.php?code=400
##################################
ErrorDocument 400 /errors.php?code=400
ErrorDocument 401 /errors.php?code=401
ErrorDocument 403 /errors.php?code=403
ErrorDocument 404 /errors.php?code=404
ErrorDocument 500 /errors.php?code=500
##################################
# Errors Pages - END #
##################################