Back htaccess

Using htaccess to Prevent Hacking

WRITTEN BY ON 07 Jan 2011
19,345 VIEWS • SHARES
2 comments

If you want to increase the security level of your website, you can chuck these few lines of codes to prevent some common hacking techniques by detecting malicious URL patterns.

Apache

RewriteEngine On
 
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
 
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
 
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
 
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
 
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
 
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
 
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
Join the discussion

Comments will be moderated and rel="nofollow" will be added to all links. You can wrap your coding with [code][/code] to make use of built-in syntax highlighter.

2 comments
Unmotivated Genius 7 years ago
Nice post had already ran across a couple of these fixes, especially the base64 one, but its nice to see this list in its entirety and we'll be sure to look into implementing the rest.
Reply
Kustcom 3 years ago
Thanks for the snippet, rather small post though. I'm sure you could elaborate a little more. on base64_encode for example among others.

I was wondering what the first line actually does? I'm familiar with the script blocking, that's is pretty obvious but what about:
 RewriteCond %{QUERY_STRING} proc/self/environ [OR] 


On a side note, why rel=nofollow for comments when you dofollow all social networks? Why does facebook deserve all your pagerank juice over users who actually read your content and want to engage with you?

Thanks.
Reply