techpulsetoday · April 29, 2019 08:19
diff --git a/.htaccess b/.htaccess
 # 6G FIREWALL/BLACKLIST
 # @ https://perishablepress.com/6g/

 # 6G:[QUERY STRINGS]
 <IfModule mod_rewrite.c>
 	RewriteEngine On
 	RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
 	RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR]
 	RewriteCond %{QUERY_STRING} ([a-z0-9]{2000}) [NC,OR]
 	RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
 	RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR]
 	RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
 	RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR]
 	RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
 	RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]
 	RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]
 	RewriteCond %{QUERY_STRING} (\'|\")(.*)(drop|insert|md5|select|union) [NC]
 	RewriteRule .* - [F]
 </IfModule>

 # 6G:[REQUEST METHOD]
 <IfModule mod_rewrite.c>
 	RewriteCond %{REQUEST_METHOD} ^(connect|debug|delete|move|put|trace|track) [NC]
 	RewriteRule .* - [F]
 </IfModule>

 # 6G:[REFERRERS]
 <IfModule mod_rewrite.c>
 	RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000}) [NC,OR]
 	RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC]
 	RewriteRule .* - [F]
 </IfModule>

 # 6G:[REQUEST STRINGS]
 <IfModule mod_alias.c>
 	RedirectMatch 403 (?i)([a-z0-9]{2000})
 	RedirectMatch 403 (?i)(https?|ftp|php):/
 	RedirectMatch 403 (?i)(base64_encode)(.*)(\()
 	RedirectMatch 403 (?i)(=\\\'|=\\%27|/\\\'/?)\.
 	RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&amp;?)/?$
 	RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")
 	RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\\|\s|\{|\}|\[|\]|\|)
 	RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
 	RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
 	RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
 	RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
 </IfModule>

 # 6G:[USER AGENTS]
 <IfModule mod_setenvif.c>
 	SetEnvIfNoCase User-Agent ([a-z0-9]{2000}) bad_bot
 	SetEnvIfNoCase User-Agent (binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot
 	# Apache < 2.3
 	<IfModule !mod_authz_core.c>
 		Order Allow,Deny
 		Allow from all
 		Deny from env=bad_bot
 	</IfModule>

 	# Apache >= 2.3
 	<IfModule mod_authz_core.c>
 		<RequireAll>
 			Require all Granted
 			Require not env bad_bot
 		</RequireAll>
 	</IfModule>
 </IfModule>

 # 6G:[CUSTOM]
 <IfModule mod_alias.c>
 	RedirectMatch 403 (?i)/(readme\.html|readme\.txt|readme\.md|license\.txt)
 	RedirectMatch 403 (?i)debug.log
 </IfModule>

 # 6G END
	# 6G FIREWALL/BLACKLIST
	# @ https://perishablepress.com/6g/

	# 6G:[QUERY STRINGS]
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
	RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR]
	RewriteCond %{QUERY_STRING} ([a-z0-9]{2000}) [NC,OR]
	RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
	RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR]
	RewriteCond %{QUERY_STRING} (GLOBALS\|REQUEST)(=\|\[\|%) [NC,OR]
	RewriteCond %{QUERY_STRING} (<\|%3C)(.)script(.)(>\|%3) [NC,OR]
	RewriteCond %{QUERY_STRING} (\\\|\.\.\.\|\.\./\|~\|`\|<\|>\|\\|) [NC,OR]
	RewriteCond %{QUERY_STRING} (boot\.ini\|etc/passwd\|self/environ) [NC,OR]
	RewriteCond %{QUERY_STRING} (thumbs?(_editor\|open)?\|tim(thumb)?)\.php [NC,OR]
	RewriteCond %{QUERY_STRING} (\'\|\")(.*)(drop\|insert\|md5\|select\|union) [NC]
	RewriteRule .* - [F]
	</IfModule>

	# 6G:[REQUEST METHOD]
	<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_METHOD} ^(connect\|debug\|delete\|move\|put\|trace\|track) [NC]
	RewriteRule .* - [F]
	</IfModule>

	# 6G:[REFERRERS]
	<IfModule mod_rewrite.c>
	RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000}) [NC,OR]
	RewriteCond %{HTTP_REFERER} (semalt.com\|todaperfeita) [NC]
	RewriteRule .* - [F]
	</IfModule>

	# 6G:[REQUEST STRINGS]
	<IfModule mod_alias.c>
	RedirectMatch 403 (?i)([a-z0-9]{2000})
	RedirectMatch 403 (?i)(https?\|ftp\|php):/
	RedirectMatch 403 (?i)(base64_encode)(.*)(\()
	RedirectMatch 403 (?i)(=\\\'\|=\\%27\|/\\\'/?)\.
	RedirectMatch 403 (?i)/(\$(\&)?\|\*\|\"\|\.\|,\|&\|&?)/?$
	RedirectMatch 403 (?i)(\{0\}\|\(/\(\|\.\.\.\|\+\+\+\|\\\"\\\")
	RedirectMatch 403 (?i)(~\|`\|<\|>\|:\|;\|,\|%\|\\\|\s\|\{\|\}\|\[\|\]\|\\|)
	RedirectMatch 403 (?i)/(=\|\$&\|_mm\|cgi-\|etc/passwd\|muieblack)
	RedirectMatch 403 (?i)(&pws=0\|_vti_\|\(null\)\|\{\$itemURL\}\|echo(.*)kae\|etc/passwd\|eval\(\|self/environ)
	RedirectMatch 403 (?i)\.(aspx?\|bash\|bak?\|cfg\|cgi\|dll\|exe\|git\|hg\|ini\|jsp\|log\|mdb\|out\|sql\|svn\|swp\|tar\|rar\|rdf)$
	RedirectMatch 403 (?i)/(^$\|(wp-)?config\|mobiquo\|phpinfo\|shell\|sqlpatch\|thumb\|thumb_editor\|thumbopen\|timthumb\|webshell)\.php
	</IfModule>

	# 6G:[USER AGENTS]
	<IfModule mod_setenvif.c>
	SetEnvIfNoCase User-Agent ([a-z0-9]{2000}) bad_bot
	SetEnvIfNoCase User-Agent (binlar\|casper\|checkpriv\|choppy\|clshttp\|cmsworld\|diavol\|dotbot\|extract\|feedfinder\|flicky\|g00g1e\|harvest\|httrack\|kmccrew\|loader\|miner\|nikto\|nutch\|planetwork\|postrank\|purebot\|pycurl\|python\|seekerspider\|siclab\|skygrid\|sqlmap\|sucker\|turnit\|vikspider\|winhttp\|xxxyy\|youda\|zmeu\|zune) bad_bot
	# Apache < 2.3
	<IfModule !mod_authz_core.c>
	Order Allow,Deny
	Allow from all
	Deny from env=bad_bot
	</IfModule>

	# Apache >= 2.3
	<IfModule mod_authz_core.c>
	<RequireAll>
	Require all Granted
	Require not env bad_bot
	</RequireAll>
	</IfModule>
	</IfModule>

	# 6G:[CUSTOM]
	<IfModule mod_alias.c>
	RedirectMatch 403 (?i)/(readme\.html\|readme\.txt\|readme\.md\|license\.txt)
	RedirectMatch 403 (?i)debug.log
	</IfModule>

	# 6G END