obiPlabon · November 24, 2018 20:05
diff --git a/.htaccess b/.htaccess
 #stop directory browsing
 Options All -Indexes

 # SSL Https active Force non-www
 <IfModule mod_rewrite.c>
   RewriteEngine on
   RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
   RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
   RewriteCond %{HTTPS} !=on
   RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
 </IfModule>

 # SSL Https Active Force www in a Generic Way
 <IfModule mod_rewrite.c>
   RewriteEngine on
   RewriteCond %{HTTP_HOST} !^$
   RewriteCond %{HTTP_HOST} !^www\. [NC]
   RewriteCond %{HTTPS}s ^on(s)|
   RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
 </IfModule>

 #AIOWPS_PREVENT_IMAGE_HOTLINKS_START
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{HTTP_REFERER} !^$
 RewriteCond %{REQUEST_FILENAME} -f
 RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g?|png)$ [NC]
 RewriteCond %{HTTP_REFERER} !^http(s)?://univahost\.com [NC]
 RewriteRule \.(gif|jpe?g?|png)$ - [F,NC,L]
 </IfModule>
 #AIOWPS_PREVENT_IMAGE_HOTLINKS_END


 # Text FIle access
 <files file.txt>
 order allow,deny
 deny from all
 </files>


 # Block double extensions from being uploaded or accessed, including htshells
 <FilesMatch ".*\.([^.]+)\.([^.]+)$">
 Order Deny,Allow
 Deny from all
 </FilesMatch>

 # secure uploads directory
 <FilesMatch "\.(jpg|jpeg|jpe|gif|png|tif|tiff)$">
    Order Deny,Allow
    Allow from all
 </FilesMatch>


 # Block shell uploaders, htshells, and other baddies
 RewriteCond %{REQUEST_URI} ((php|my|bypass)?shell|remview.*|phpremoteview.*|sshphp.*|pcom|nstview.*|c99|c100|r57|webadmin.*|phpget.*|phpwriter.*|fileditor.*|locus7.*|storm7.*)\.(p?s?x?htm?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]
 RewriteCond %{REQUEST_URI} (\.exe|\.php\?act=|\.tar|_vti|afilter=|algeria\.php|chbd|chmod|cmd|command|db_query|download_file|echo|edit_file|eval|evil_root|exploit|find_text|fopen|fsbuff|fwrite|friends_links\.|ftp|gofile|grab|grep|htshell|\ -dump|logname|lynx|mail_file|md5|mkdir|mkfile|mkmode|MSOffice|muieblackcat|mysql|owssvr\.dll|passthru|popen|proc_open|processes|pwd|rmdir|root|safe0ver|search_text|selfremove|setup\.php|shell|ShellAdresi\.TXT|spicon|sql|ssh|system|telnet|trojan|typo3|uname|unzip|w00tw00t|whoami|xampp) [NC,OR]
 RewriteCond %{QUERY_STRING} (\.exe|\.tar|act=|afilter=|alter|benchmark|chbd|chmod|cmd|command|cast|char|concat|convert|create|db_query|declare|delete|download_file|drop|edit_file|encode|environ|eval|exec|exploit|find_text|fsbuff|ftp|friends_links\.|globals|gofile|grab|insert|localhost|logname|loopback|mail_file|md5|meta|mkdir|mkfile|mkmode|mosconfig|muieblackcat|mysql|order|passthru|popen|proc_open|processes|pwd|request|rmdir|root|scanner|script|search_text|select|selfremove|set|shell|sql|sp_executesql|spicon|ssh|system|telnet|trojan|truncate|uname|union|unzip|whoami) [NC]
 RewriteRule .* - [F]



 # Follow symbolic links in this directory.
 Options +FollowSymLinks

 # Set the default handler.
 DirectoryIndex index.php index.html index.htm

 # Set the default handler.
 DirectoryIndex index.php index.html index.htm

 # Override PHP settings that cannot be changed at runtime. See
 # sites/default/default.settings.php and drupal_environment_initialize() in
 # includes/bootstrap.inc for settings that can be changed at runtime.

 # PHP 5, Apache 1 and 2.
 <IfModule mod_php5.c>
  php_flag magic_quotes_gpc                 off
  php_flag magic_quotes_sybase              off
  php_flag register_globals                 off
  php_flag session.auto_start               off
  php_value mbstring.http_input             pass
  php_value mbstring.http_output            pass
  php_flag mbstring.encoding_translation    off
 </IfModule>

 # Default Carset
 AddDefaultCharset utf-8
 DirectoryIndex index.html index.htm index.php

 # File Control
 <FilesMatch ".(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$">
  Header set Cache-Control "max-age=2592000"
 </FilesMatch>

 # Htaccess File Security
 <Files .htaccess>
 order allow,deny
 deny from all
 </Files>
	#stop directory browsing
	Options All -Indexes

	# SSL Https active Force non-www
	<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
	RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
	RewriteCond %{HTTPS} !=on
	RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
	</IfModule>

	# SSL Https Active Force www in a Generic Way
	<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteCond %{HTTP_HOST} !^$
	RewriteCond %{HTTP_HOST} !^www\. [NC]
	RewriteCond %{HTTPS}s ^on(s)\|
	RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
	</IfModule>

	#AIOWPS_PREVENT_IMAGE_HOTLINKS_START
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTP_REFERER} !^$
	RewriteCond %{REQUEST_FILENAME} -f
	RewriteCond %{REQUEST_FILENAME} \.(gif\|jpe?g?\|png)$ [NC]
	RewriteCond %{HTTP_REFERER} !^http(s)?://univahost\.com [NC]
	RewriteRule \.(gif\|jpe?g?\|png)$ - [F,NC,L]
	</IfModule>
	#AIOWPS_PREVENT_IMAGE_HOTLINKS_END


	# Text FIle access
	<files file.txt>
	order allow,deny
	deny from all
	</files>


	# Block double extensions from being uploaded or accessed, including htshells
	<FilesMatch ".*\.([^.]+)\.([^.]+)$">
	Order Deny,Allow
	Deny from all
	</FilesMatch>

	# secure uploads directory
	<FilesMatch "\.(jpg\|jpeg\|jpe\|gif\|png\|tif\|tiff)$">
	Order Deny,Allow
	Allow from all
	</FilesMatch>


	# Block shell uploaders, htshells, and other baddies
	RewriteCond %{REQUEST_URI} ((php\|my\|bypass)?shell\|remview.\|phpremoteview.\|sshphp.\|pcom\|nstview.\|c99\|c100\|r57\|webadmin.\|phpget.\|phpwriter.\|fileditor.\|locus7.\|storm7.)\.(p?s?x?htm?l?\|txt\|aspx?\|cfml?\|cgi\|pl\|php[3-9]{0,1}\|jsp?\|sql\|xml) [NC,OR]
	RewriteCond %{REQUEST_URI} (\.exe\|\.php\?act=\|\.tar\|_vti\|afilter=\|algeria\.php\|chbd\|chmod\|cmd\|command\|db_query\|download_file\|echo\|edit_file\|eval\|evil_root\|exploit\|find_text\|fopen\|fsbuff\|fwrite\|friends_links\.\|ftp\|gofile\|grab\|grep\|htshell\|\ -dump\|logname\|lynx\|mail_file\|md5\|mkdir\|mkfile\|mkmode\|MSOffice\|muieblackcat\|mysql\|owssvr\.dll\|passthru\|popen\|proc_open\|processes\|pwd\|rmdir\|root\|safe0ver\|search_text\|selfremove\|setup\.php\|shell\|ShellAdresi\.TXT\|spicon\|sql\|ssh\|system\|telnet\|trojan\|typo3\|uname\|unzip\|w00tw00t\|whoami\|xampp) [NC,OR]
	RewriteCond %{QUERY_STRING} (\.exe\|\.tar\|act=\|afilter=\|alter\|benchmark\|chbd\|chmod\|cmd\|command\|cast\|char\|concat\|convert\|create\|db_query\|declare\|delete\|download_file\|drop\|edit_file\|encode\|environ\|eval\|exec\|exploit\|find_text\|fsbuff\|ftp\|friends_links\.\|globals\|gofile\|grab\|insert\|localhost\|logname\|loopback\|mail_file\|md5\|meta\|mkdir\|mkfile\|mkmode\|mosconfig\|muieblackcat\|mysql\|order\|passthru\|popen\|proc_open\|processes\|pwd\|request\|rmdir\|root\|scanner\|script\|search_text\|select\|selfremove\|set\|shell\|sql\|sp_executesql\|spicon\|ssh\|system\|telnet\|trojan\|truncate\|uname\|union\|unzip\|whoami) [NC]
	RewriteRule .* - [F]



	# Follow symbolic links in this directory.
	Options +FollowSymLinks

	# Set the default handler.
	DirectoryIndex index.php index.html index.htm

	# Set the default handler.
	DirectoryIndex index.php index.html index.htm

	# Override PHP settings that cannot be changed at runtime. See
	# sites/default/default.settings.php and drupal_environment_initialize() in
	# includes/bootstrap.inc for settings that can be changed at runtime.

	# PHP 5, Apache 1 and 2.
	<IfModule mod_php5.c>
	php_flag magic_quotes_gpc off
	php_flag magic_quotes_sybase off
	php_flag register_globals off
	php_flag session.auto_start off
	php_value mbstring.http_input pass
	php_value mbstring.http_output pass
	php_flag mbstring.encoding_translation off
	</IfModule>

	# Default Carset
	AddDefaultCharset utf-8
	DirectoryIndex index.html index.htm index.php

	# File Control
	<FilesMatch ".(flv\|gif\|jpg\|jpeg\|png\|ico\|swf\|js\|css\|pdf)$">
	Header set Cache-Control "max-age=2592000"
	</FilesMatch>

	# Htaccess File Security
	<Files .htaccess>
	order allow,deny
	deny from all
	</Files>