Darksat IT Security Forums

Hardware, Software and Security => IT Security Forum => Topic started by: Darksat on February 23, 2011, 07:11:15 am



Title: Using htaccess to stop hacking attempts
Post by: Darksat on February 23, 2011, 07:11:15 am
If you want to increase the security level of your website, you can chuck these few lines of codes to prevent some common hacking techniques by detecting malicious URL patterns.
Code:
RewriteEngine On
 
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
 
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
 
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
 
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
 
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
 
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
 
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]






Source
http://forum.joomla.org/viewtopic.php?p=2193205


Title: Re: Using htaccess to stop hacking attempts
Post by: Defcon 5 on October 18, 2011, 03:01:39 am
Never even considered being hacked through htaccess, can't really think of any sites that actually take data from the url without going through XSS functions etc.