.htaccess security rules
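## Begin - Query-string exploit signatures (mod_rewrite)
## The conditions below are chained with [OR] and need "RewriteEngine On"
## earlier in this file (not visible in this excerpt). They are coarse
## signature matches on %{QUERY_STRING}: only the literal encodings listed
## are caught, so they are easy to evade (e.g. double URL-encoding) and are
## no substitute for input validation in the application itself.
# Block attempts to smuggle a base64_encode(...) call through the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block a <script> tag, raw or with %3C/%3E-encoded angle brackets, in the query string.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block attempts to set a PHP GLOBALS variable via the URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block attempts to modify a PHP _REQUEST variable via the URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden. With [F] the substitution is ignored, so "-" is used
# rather than "index.php": the request is refused, not rewritten, and the root
# homepage is NOT shown (the previous comment claimed it would be).
RewriteRule .* - [F]
## End - Query-string exploit signatures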
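########## Begin - File injection protection, by SigSiu.net
## Reject GET requests whose query string carries a URL or path that a
## vulnerable include()/require() could load (remote/local file inclusion).
## Only GET is inspected: the same payload in a POST body is not seen here.
RewriteCond %{REQUEST_METHOD} GET
# A parameter set to an absolute http(s) URL. The original pattern matched
# only "http://"; "https://" is just as usable for remote inclusion, and [NC]
# makes the scheme match case-insensitively ("HTTP://" was previously let
# through). Sites that legitimately accept URLs in query parameters (redirect
# targets, OAuth callbacks) will need an exception for that parameter.
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=https?:// [NC,OR]
# A parameter containing "../" (or "..//") sequences: directory traversal.
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
# A parameter starting with "/" followed by single-character path segments.
# NOTE(review): as written this only matches paths like "/a/b/"; "/etc/passwd"
# does not match because each segment may be one character long. Broadening
# it (e.g. "[a-z0-9_.]+/?") would also block legitimate path-valued parameters,
# so it is left unchanged here — confirm the intended coverage before changing.
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection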
## XML-RPC: only the endpoint itself (xmlrpc/ or xmlrpc/index.php) may be
## requested; every other path beneath xmlrpc/ is refused with 403.
## If the site does not use XML-RPC at all, drop the first rule so the
## whole directory is refused — an exposed RPC endpoint is a common
## brute-force and amplification target.
# Endpoint: stop rewrite processing here so the deny rule below is skipped.
RewriteRule ^xmlrpc/(?:index\.php)?$ - [L]
# Anything else under xmlrpc/ (helper scripts, includes): forbidden.
RewriteRule ^xmlrpc/ - [F]
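<IfModule mod_headers.c>
    # "always" applies the header to every response, including 403/404 error
    # pages. Plain "Header set" only touches successful (2xx) responses, so
    # error pages were previously served without nosniff/frame protection.
    Header always set X-Content-Type-Options "nosniff"
    # Legacy XSS-auditor toggle. Modern browsers ignore it; the real control
    # is a Content-Security-Policy, which is not set in this file. Kept for
    # older browsers only.
    Header always set X-XSS-Protection "1; mode=block"
    # Clickjacking: allow framing by same-origin pages only. The trailing colon
    # that was on the header name is dropped (tolerated by Apache, but
    # inconsistent with the other directives).
    Header always set X-Frame-Options "SAMEORIGIN"
    # Hide PHP's version banner. "always" and the plain form act on different
    # header tables, so both are needed to cover success and error responses.
    # The reliable fix is expose_php = Off in php.ini; this only strips the
    # header if it is present in Apache's tables when mod_headers runs.
    Header unset X-Powered-By
    Header always unset X-Powered-By
</IfModule>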
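# Protect .htaccess, .htpasswd and any other .ht* file from being served.
# The previous pattern "^.*.([Hh][Tt][Aa])" had an unescaped "." and no end
# anchor, so it denied any filename merely containing "hta" (e.g. a
# "nightaudit.pdf") while NOT covering ".htpasswd" at all. "^\.ht" is the
# pattern Apache's own default config uses for this purpose.
<FilesMatch "^\.ht">
    # Apache 2.4 (mod_authz_core) syntax.
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2 syntax (also honoured by 2.4 with mod_access_compat loaded).
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy all
    </IfModule>
</FilesMatch>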