Htaccess File

procamora/Wiki-Pelican/master/content/extra/.htaccess

HTTP_USER_AGENT, QUERY_STRING, REQUEST_URI
# Do not remove this line or mod_rewrite rules and search engine friendly URLs will stop working
#http://www.jpereira.net/web/un-poco-de-seguridad-con-htaccess

RewriteBase /

#Manejo de errores
ErrorDocument 404 /error_404.html
ErrorDocument 403 /error_404.html
ErrorDocument 400 /error_404.html
ErrorDocument 406 /error_404.html
ErrorDocument 412 /error_404.html
ErrorDocument 416 /error_404.html
ErrorDocument 401 /error_404.html
ErrorDocument 501 /error_404.html

#Inyecciones SQL
RewriteCond %{QUERY_STRING} (;|<|>|’|”|)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/*|union|select|insert|cast|set|declare|drop|update|md5|benchmark) [NC,OR]
RewriteCond %{QUERY_STRING} ../.. [OR]
RewriteCond %{QUERY_STRING} (localhost|loopback|127.0.0.1) [NC,OR]
RewriteCond %{QUERY_STRING} .[a-z0-9] [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC]
RewriteRule ^(.*)$ index.php [R=404]

#Bloqueo de agentes y utilidades de línea de comandos
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (libwww-perl|curl|wget|python|nikto|scan) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC]
RewriteRule ^(.*)$ index.php [R=404]

#Evitar Exploración de directorios.
Options -Indexes

#Bloqueo de direcotios
RewriteEngine on
RewriteCond %{REQUEST_URI} ^.*/.git/.*$
RewriteRule ^(.*)$ index.php [R=404]

#Si hay un error que no de informacion (firma del explorador: versión, módulos, sistema operativo, etc)
ServerSignature Off

#Bloquear acceso a ficheros
<FilesMatch ".(htaccess|htpasswd|ini|phps|log|bak|txt|py)$">
 Order Allow,Deny
 Deny from all
</FilesMatch>
Exit mobile version