It matches SQL injection attempts via the User Agent string
George Boobyer iAugur
iAugur
/ php_substring_html.php
Last active
March 2, 2023 16:12
— forked from getmanzooronline/php_substring_html.php
PHP Substring without breaking words and HTML tags
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Truncates text. | |
| * | |
| * Cuts a string to the length of $length and replaces the last characters | |
| * with the ending if the text is longer than length. | |
| * | |
| * @param string $text String to truncate. | |
| * @param integer $length Length of returned string, including ellipsis. | |
| * @param string $ending Ending to be appended to the trimmed string. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta name="description" content="[add your bin description]"> | |
| <meta charset="utf-8"> | |
| <meta name="viewport" content="width=device-width"> | |
| <title>Organisation Chart</title> | |
| </head> | |
| <body> | |
| <div id="container"></div> |
iAugur
/ .htaccess (scrapers)
Last active
October 6, 2021 03:06
— forked from cyberwani/.htaccess
Block the HTTRACK using HTACCESS files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Options All -Indexes | |
| # Ultimate htaccess Blacklist 2 from Perishable Press | |
| # Deny domain access to spammers and other scumbags | |
| RewriteEngine on | |
| RewriteBase / | |
| RewriteCond %{HTTP_USER_AGENT} ADSARobot|ah-ha|almaden|aktuelles|Anarchie|amzn_assoc|ASPSeek|ASSORT|ATHENS|Atomz|attach|attache|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big.brother|BlackWidow|bmclient|Boston\ Project|BravoBrian\ SpiderEngine\ MarcoPolo|Bot\ mailto:[email protected]|Buddy|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|Collector|Copier|Crescent|Crescent\ Internet\ ToolPak|Custo|cyberalert|DA$|Deweb|diagem|Digger|Digimarc|DIIbot|DISCo|DISCo\ Pump|DISCoFinder|Download\ Demon|Download\ Wonder|Downloader|Drip|DSurf15a|DTS.Agent|EasyDL|eCatch|ecollector|efp@gmx\.net|Email\ Extractor|EirGrabber|email|EmailCollector|EmailSiphon|EmailWolf|Express\ WebPictures|ExtractorPro|EyeNetIE|FavOrg|fastlwspider|Favorites\ Sweeper|Fetch|FEZhead|FileHound|FlashGet\ WebWasher|FlickBot|fluffy|FrontPage|GalaxyBot|Generic|Getleft|GetRight| |
iAugur
/ Blocked Agents (scrapers)
Last active
October 6, 2021 03:05
A block list for web scrapers and malicious agents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SetEnvIfNoCase User-Agent "^Mozilla$" BlockedAgent | |
| SetEnvIfNoCase User-Agent "^Xaldon WebSpider" BlockedAgent | |
| SetEnvIfNoCase User-Agent "007ac9 Crawler" BlockedAgent | |
| SetEnvIfNoCase User-Agent "ADSARobot" BlockedAgent | |
| SetEnvIfNoCase User-Agent "ah-ha" BlockedAgent | |
| SetEnvIfNoCase User-Agent "AhrefsBot" BlockedAgent | |
| SetEnvIfNoCase User-Agent "aktuelles" BlockedAgent | |
| SetEnvIfNoCase User-Agent "almaden" BlockedAgent | |
| SetEnvIfNoCase User-Agent "amzn_assoc" BlockedAgent | |
| SetEnvIfNoCase User-Agent "Anarchie" BlockedAgent |
iAugur
/ Block request if header exists
Last active
March 30, 2021 13:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # block if request has header HTTP_USER_AGENTT | |
| # e.g. Useful to protect against the PHP "zerodium" backdoor | |
| # https://thehackernews.com/2021/03/phps-git-server-hacked-to-insert-secret.html | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteCond %{HTTP:HTTP_USER_AGENTT} !^$ | |
| RewriteRule ^ - [F] | |
| </IfModule> | |
| # Another approach would be to always unset the header from the request |
iAugur
/ Starting new git repo
Last active
February 4, 2021 10:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Steps for adding an existing project to a remote git repo service | |
| # Create a repor on a service such as Bitbucket / Github / Gitlab etc | |
| # The we want to add an existing project we have locally to that repo | |
| # | |
| # The steps involved are: | |
| # 1) Intialise a local repo in the folder with the files to be committed | |
| # 2) Create a gitignore file (ensure we don't commit sensitive files) | |
| # 3) Add the files to be committed (ensure we have a gitignore so we don't commit sensitve files) | |
| # 4) Set the remote origin to our service repo (bitbucket/Github etc) | |
| # 5) Push the files to the remote |
iAugur
/ wp-permissions-script
Last active
January 8, 2021 17:13
Configure permissions on a WordPress site. Lock files or open them for update
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Configure permissions on a WordPress site. Lock files or open them for plugin/theme updates. This script configures WordPress file permissions based on recommendations | |
| # from http://codex.wordpress.org/Hardening_WordPress#File_permissions | |
| # USAGE: ./script.sh /path/to/wordpress/directory wp_content_folder_name close_or_open | |
| # 👆this script name👆 👆wordpress directory👆 👆wp-content folder name👆 👆"open" only for updates then "close"👆 | |
| # | |
| # EXAMPLE : ./script.sh /var/www/html wp-content close __OR__ ./script.sh /var/www/html wp-content open | |
| # | |
| # Pass open as the third variable only when you wish to update plugins/themes, run the same script again with close as third variable to set secure permissions |
iAugur
/ Rename Repo 'Master' Branch
Last active
February 4, 2021 09:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Steps for renaming your master branch to 'main' | |
| # Adapted from | |
| # https://dev.to/rhymu8354/git-renaming-the-master-branch-137b | |
| # https://www.hanselman.com/blog/EasilyRenameYourGitDefaultBranchFromMasterToMain.aspx | |
| #---------------------------------------------------------------------------------------------# | |
| # A) - Steps if you have no remote / upstream | |
| # B) - Steps if you are the repo owner and have a remote / upstream | |
| # C) - Steps if you are using a repo where the upstream main branch has been renamed |
NewerOlder