htaccess DENY incarnate query strings


/ Published in: Apache
Save to your folder(s)

block evil incarnate query strings


Copy this code and paste it in your HTML
  1. <ifmodule mod_rewrite.c>
  2. RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
  3. RewriteRule .* - [F,L]
  4. </ifmodule>
  5. # block evil incarnate user agents
  6. SetEnvIfNoCase User-Agent "shell_exec" keep_out
  7. SetEnvIfNoCase User-Agent "passthru" keep_out
  8. SetEnvIfNoCase User-Agent "function" keep_out
  9. <Limit GET POST>
  10. order allow,deny
  11. allow from all
  12. deny from env=keep_out
  13. </Limit>

URL: http://perishablepress.com/press/2008/09/15/evil-incarnate-but-easily-blocked/

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.