AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/dns/in/olympe/manylinks/manylinks/sec/.htBarbatruc"
Require valid-user
<Files .htaccess>
order allow,deny
deny from all
</Files>
###FILTRE CONTRE CERTAINS ROBOTS DES PIRATES
RewriteEngine On
## EXCEPTION: TOUS LES ROBOTS MEMES ANONYMES OU BANNIS PEUVENT ACCEDER A CES FICHIERS
RewriteCond %{REQUEST_URI} !^/robots.txt
RewriteCond %{REQUEST_URI} !^/sitemap.xml
##
RewriteCond %{HTTP_USER_AGENT} ^-?$ [OR] ## ANONYMES
RewriteCond %{HTTP_USER_AGENT} ^[bcdfghjklmnpqrstvwxz ]{8,}|^[0-9a-z]{15,}|^[0-9A-Za-z]{19,}|^[A-Za-z]{3,} [a-z]{4,} [a-z]{4,} [OR] ## CEUX QUI INVENTENT DES NOMS AU HASARD
RewriteCond %{HTTP_USER_AGENT} ^<sc|<?|^adwords|@nonymouse|Advanced Email Extractor|almaden|anonymous|Art-Online|autoemailspider|blogsearchbot-martin|CherryPicker|compatible ;|Crescent Internet ToolPack|Digger|DirectUpdate|Download Accelerator|^eCatch|echo extense|EmailCollector|EmailWolf|Extractor|flashget|frontpage|Go!Zilla|grub crawler|HTTPConnect|httplib|HttpProxy|HTTP agent|HTTrack|^ia_archive|IDBot|id-search|Indy Library|^Internet Explorer|^IPiumBot|Jakarta Commons|^Kapere|Microsoft Data|Microsoft URL|^minibot(NaverRobot)|^Moozilla|^Mozilla$|^MSIE|MJ12bot|Movable Type|NICErsPRO|^NPBot|Nutch|Nutscrape/|^Offline Explorer|^Offline Navigator|OmniExplorer|^Program Shareware|psycheclone|PussyCat|PycURL|python|QuepasaCreep|SiteMapper|Star Downloader|sucker|SurveyBot|Teleport Pro|Telesoft|TrackBack|Turing|TurnitinBot|^user|^User-Agent: |^User Agent: |vobsub|webbandit|WebCapture|webcollage|WebCopier|WebDAV|WebEmailExtractor|WebReaper|WEBsaver|WebStripper|WebZIP|widows|Wysigot|Zeus|Zeus.*Webster [NC,OR] ## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
RewriteCond %{HTTP_USER_AGENT} ^curl|^Fetch API Request|GT::WWW|^HTTP::Lite|httplib|^Java/1.|^Java 1.|^LWP|libWeb|libwww|^PEAR|PECL::HTTP|PHPCrawl|python|Rsync|Snoopy|^URI::Fetch|WebDAV|^Wget [NC] ## BIBLIOTHEQUES / CLASSES HTTP DONT ON NE VEUT PAS. ATTENTION, CELA PEUT BLOQUER CERTAINES FONCTIONS DE VOTRE CMS. NE PAS TOUT EFFACER, MAIS CHERCHEZ LE NOM DE LA CLASSE HTTP CONCERNEE (DEMANDEZ AUX DEVELOPPEURS DE VOTRE CMS). CETTE LISTE BLOQUE 80% DES ROBOTS SPAMMEURS. IL FAUT LA CONSERVER.
### ON EVITE LE VOL D'IMAGES, VIDEO, SON, FEUILLE DE STYLE, PDF ET ZIP
### LES VISITEURS DOIVENT PASSER PAR LE SITE.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://[-_a-z0-9.]*manylinks.fr$ [NC]
RewriteCond %{HTTP_REFERER} !^http://[-_a-z0-9.]*manylinks.fr/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https?://.*translate.*$ [NC]
RewriteRule .*.(gif|jpe?g?|jp2|png|svgz?|ico|css|pdf|zip|gz|js|mp3|m4a|mp4|mov|divx|avi|wma?v?|wmp|swf|flv|docx?|xlsx?|pptx?|vbs|rtf|asf?x?|odt|ods|odp|odg|odb)$ - [NC,F]
### DES FAUX URLS, ON LES NEUTRALISE
RedirectMatch gone ^/_vti.*
RedirectMatch gone ^/MSOffice.*
RedirectMatch gone ^[-_a-z0-9/.]*//.*
RedirectMatch gone ^.*/etc/passwd.*
### FILTRE CONTRE XSS, REDIRECTIONS HTTP, base64_encode, VARIABLE PHP GLOBALS VIA URL, MODIFIER VARIABLE _REQUEST VIA URL, TEST DE FAILLE PHP, INJECTION SQL SIMPLE
RewriteEngine On
RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
RewriteCond %{QUERY_STRING} ^(.*)(%3C|<)/?script(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)?javascript(%3A|:)(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)document.location.href(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)http(%3A|:)(/|%2F){2}(.*)$ [NC,OR] ## ATTENTION A CETTE REGLE. ELLE PEUT CASSER CERTAINES REDIRECTIONS RESSEMBLANT A: http://www.truc.fr/?r=http://www.google.fr ##
RewriteCond %{QUERY_STRING} ^(.*)base64_encode(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)GLOBALS(=|[|%[0-9A-Z]{0,2})(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)_REQUEST(=|[|%[0-9A-Z]{0,2})(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(SELECT(%20|+)|UNION(%20|+)ALL|INSERT(%20|+)|DELETE(%20|+)|CHAR(|UPDATE(%20|+)|REPLACE(%20|+)|LIMIT(%20|+))(.*)$ [NC]
RewriteRule (.*) - [F]
