-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path_htaccess
82 lines (65 loc) · 3.01 KB
/
_htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
## REWRITE DEFAULTS ###
RewriteEngine On
RewriteBase /
SetEnv is_special foobar
#allow .htm extensions to run php
AddType application/x-httpd-php .htm
#AuthUserFile /home/users/web/b2201/nf.shawnstark/.htpasswd
#AuthName "Please Log In"
#AuthType Basic
#require valid-user
#RewriteCond %{HTTP_HOST} !^localhost$ [NC]
#RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
#Multiple slash rule doesnt handle leading slashes
#Forbid more than one leading slash
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/{2,} [NC]
RewriteRule ^ - [L,F]
#http://www.esecurityplanet.com/open-source-security/top-5-wordpress-vulnerabilities-and-how-to-fix-them.html
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} tag\= [NC,OR]
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
RewriteCond %{QUERY_STRING} http\: [NC,OR]
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare).* [NC]
RewriteRule ^(.*)$ - [F,L]
#Remove multiple slashes anywhere in URL
RewriteCond %{REQUEST_URI} ^(.*)//(.*)$
RewriteRule . %1/%2 [R,L,QSA]
#RewriteRule ^(([^/]+)*)/+(.*)$ /$1$3 [R=301,L]
#Remove trailing slash
#RewriteCond %{REQUEST_URI} ^(.*)/$
#RewriteRule . %1 [R,L,QSA]
#Direct empty requests to system organization
RewriteRule ^$ /switch/palacegate [R=301,L,QSA]
#Direct request for enter.php to system organization
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /switch/enter\.php\ HTTP/
RewriteRule ^enter\.php$ switch/palacegate [R=301,L,QSA]
#Direct request for index.php to system organization
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /switch/index\.php\ HTTP/
RewriteRule ^index\.php$ /switch/palacegate [R=301,L,QSA]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /switch/lust\.php\ HTTP/
RewriteRule ^lust\.php$ /switch/palacegate [R=301,L,QSA]
#RewriteRule ^palacegate/$ / [R=301,L,QSA]
#finally lower the draw bridge
#RewriteCond %{REQUEST_URI} ^/switch/hiddengate$
#RewriteRule .* /traditional/ [NC,L,PT]
RewriteCond %{REQUEST_URI} ^/switch/hiddengate/(.*)$
RewriteRule .* switch/traditional/%1 [NC,L,PT]
#RewriteCond %{REQUEST_URI} ^/switch/crosscut/(.*)$
#RewriteRule .* switch/palacegate/%1 [NC,L,PT]
#Handle external requests not destine for hiddengate
RewriteCond %{REQUEST_URI} !^/switch/enter\.php$
RewriteCond %{REQUEST_URI} !^/switch/traditional(.*)$
RewriteCond %{REQUEST_URI} ^/switch/(.*)$
RewriteRule .* /switch/enter.php [NC,L,PT]