Surpass Web Hosting Forums - View Single Post

uwwandrew · November 24th, 2007, 7:39 PM

I did not show it to them...not that I didn't want to it just somehow did not seem like their job.

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

# RewriteBase /

########## Begin Standard SEF Section
## ALL (RewriteCond) lines in this section are only required if you actually
## have directories named 'content' or 'component' on your server
## If you do not have directories with these names, comment them out.
#
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
#RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$ [NC]
#RewriteRule ^(content/|component/) index.php
#
########## End Standard SEF Section

########## Begin 3rd Party or Core SEF Section
#
#RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php
#
########## End 3rd Party or Core SEF Section

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*$.*$ [OR]
# Block out any script that includes a tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

November 24th, 2007, 7:39 PM	#3 (permalink)
uwwandrew Registered User Fresh Surpasser Joined in Mar 2007 11 posts Gave thanks: 1 Thanked 0 times	I did not show it to them...not that I didn't want to it just somehow did not seem like their job. # Uncomment following line if your webserver's URL # is not directly related to physical file paths. # Update Your Joomla! Directory (just / for root) # RewriteBase / ########## Begin Standard SEF Section ## ALL (RewriteCond) lines in this section are only required if you actually ## have directories named 'content' or 'component' on your server ## If you do not have directories with these names, comment them out. # #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes## #RewriteCond %{REQUEST_URI} (/\|\.htm\|\.php\|\.html\|/[^.])$ [NC] #RewriteRule ^(content/\|component/) index.php # ########## End Standard SEF Section ########## Begin 3rd Party or Core SEF Section # #RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes## RewriteCond %{REQUEST_URI} (/\|\.htm\|\.php\|\.html\|/[^.])$ [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule (.) index.php # ########## End 3rd Party or Core SEF Section ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=\|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.\(.\) [OR] # Block out any script that includes a tag in URL RewriteCond %{QUERY_STRING} (\<\|%3C).script.(\>\|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URL RewriteCond %{QUERY_STRING} GLOBALS(=\|\[\|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URL RewriteCond %{QUERY_STRING} _REQUEST(=\|\[\|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error! RewriteRule ^(.)$ index.php [F,L] # ########## End - Rewrite rules to block out some common exploits