Posted By

j4kp07 on 07/09/10


Tagged

htaccess


Versions (?)

htaccess DENY incarnate query strings


 / Published in: Apache
 

URL: http://perishablepress.com/press/2008/09/15/evil-incarnate-but-easily-blocked/

block evil incarnate query strings

  1. <ifmodule mod_rewrite.c>
  2. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
  3. RewriteRule .* - [F,L]
  4. </ifmodule>
  5. # block evil incarnate user agents
  6. SetEnvIfNoCase User-Agent "shell_exec" keep_out
  7. SetEnvIfNoCase User-Agent "passthru" keep_out
  8. SetEnvIfNoCase User-Agent "function" keep_out
  9. <Limit GET POST>
  10. order allow,deny
  11. allow from all
  12. deny from env=keep_out
  13. </Limit>

Report this snippet  

You need to login to post a comment.