Icy Phoenix

     
 


058-008 & 009 - HTACCESS & Errors
 
Hi all.

For all that cannot set REGISTER_GLOBALS to OFF, I've created this HTACCESS that may block hacking via RFI (Remote File Injection).

HTACCESS modification requires Apache Rewrite Engine set to ENABLED to work and is not needed for those who have REGISTER_GLOBALS set to OFF.

Here is the part to insert in your HTACCESS in the root of your site:

Code:
##################################
# Block Hacking Attempts - BEGIN #
##################################
##################################
# CONDITIONS
##################################
# STRICT CONDITION
#RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path|album_root_path|module_root_path|mx_root_path|upi2db_file_path).*$
# LESS STRICT CONDITION
RewriteCond %{QUERY_STRING} ^.*(phpbb_root_path=|album_root_path=|module_root_path=|mx_root_path=|upi2db_file_path=).*$
##################################
# REWRITE
##################################
# FORBIDDEN
#RewriteRule ^.*$ - [F,L]
# REDIRECT TO LOCALHOST
RewriteRule ^.*$ http://127.0.0.1/ [redirect,last]
##################################
##################################
# Block Hacking Attempts - END   #
##################################


This will redirect all hacking attempts using the most common known vars (these should be the only ones used in XS; if you install other mods, you may want to add other vars as well) to the localhost of the hacker.

I left commented out the option to generate an error that will be logged by the XS errors function, for which I attach the new file here.

So here attached you will find:
  • Premodified standard XS HTACCESS
  • New ERRORS.PHP file (replace the old with this one)


The file errors.php is independent from HTACCESS, so you should apply this patch even if you are not modifying your HTACCESS.

Attachments:
  • 058_009_errors.zip (Description: 058-009 - Errors, Filesize: 2.35 KB)
  • 058_008_htaccess.zip (Description: 058-008 - HTACCESS, Filesize: 5.21 KB)

 




____________
Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
 
Mighty Gorgon
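A log-review sketch for the two conditions in the post above, added here as an example and not part of the original post or of Icy Phoenix: it applies the strict and less strict patterns to access-log query strings after percent-decoding them. The log format, the sample lines and the names `classify` and `scan` are assumptions of this example.

```python
import re
from urllib.parse import unquote, urlsplit

# Variable names copied from the RewriteCond lines in the post above.
WATCHED_VARS = ("phpbb_root_path", "album_root_path", "module_root_path",
                "mx_root_path", "upi2db_file_path")
STRICT = re.compile("|".join(WATCHED_VARS))                        # name anywhere
LESS_STRICT = re.compile("|".join(v + "=" for v in WATCHED_VARS))  # name followed by "="

# Client address and request target of a common/combined format log line (assumed format).
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed sample lines: documentation addresses and made-up paths.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2007:10:00:00 +0000] "GET /forum/index.php?phpbb_root_path=http://example.invalid/a HTTP/1.1" 302 210',
    '192.0.2.11 - - [01/Jan/2007:10:00:05 +0000] "GET /forum/search.php?search_keywords=phpbb_root_path+error HTTP/1.1" 200 4096',
    '192.0.2.12 - - [01/Jan/2007:10:00:09 +0000] "GET /forum/viewtopic.php?t=42 HTTP/1.1" 200 8192',
    '192.0.2.13 - - [01/Jan/2007:10:00:12 +0000] "GET /forum/album.php?album%5Froot%5Fpath=http://example.invalid/a HTTP/1.1" 200 512',
]

def classify(query):
    """Say which of the post's two patterns a query string matches."""
    # Percent-decode first so an encoded parameter name is compared in the
    # same form as a plain one (a normalisation step added by this example).
    decoded = unquote(query)
    if LESS_STRICT.search(decoded):
        return "less-strict"   # a watched variable is being assigned
    if STRICT.search(decoded):
        return "strict-only"   # the name only appears as text, e.g. a forum search
    return "clean"

def scan(lines):
    """Return (client, path, verdict) for every log line that is not clean."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue           # skip lines that are not in the assumed format
        client, target = m.groups()
        parts = urlsplit(target)
        verdict = classify(parts.query)
        if verdict != "clean":
            hits.append((client, parts.path, verdict))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

Lines reported as `strict-only` are requests that the commented-out strict condition would also reject, although no watched variable is being set in them.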
Re: 058-008 & 009 - HTACCESS & Errors
 
you've put my part in that .htaccess

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that?
 




____________
check out my site sometime
www.Dutch-HQ.net
 
Nizzle
Re: 058-008 & 009 - HTACCESS & Errors
 
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !

But I must change the errors file.

Is it all right?
 



 
Lucky
Re: 058-008 & 009 - HTACCESS & Errors
 
In phpbb-seo they have suggested to me to make these changes in .htaccess

1)

Move
Code:
#make sure the whole site goes to www.mysite.com
#instead of mysite.com. This is good for the search engines
#Edit and uncomment the below lines for your own site.
RewriteCond %{HTTP_HOST} ^mysite.org
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]


between

RewriteEngine On

and

RewriteBase /


2)

put [L] at the end of every RewriteRule

More details about this discussion you can find HERE

What do you think about it ?
 



 
Lucky
Re: 058-008 & 009 - HTACCESS & Errors
 
Nizzle wrote:
you've put my part in that .htaccess

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that?

Great idea... we can buy a domain and do it! Then we will sell banners...

Lucky wrote:
I have set REGISTER_GLOBALS to OFF. I don't need to change the .htaccess file ... I can leave original .htaccess !

But I must change the errors file.

Is it all right?

Right!

Lucky wrote:
In phpbb-seo they have suggested to me to make these changes in .htaccess

...

What do you think about it ?

Yes it does make sense...
 




Mighty Gorgon
Re: 058-008 & 009 - HTACCESS & Errors
 
got a new spammer site thingy..

Code:
1awm.com

 




Nizzle
Re: 058-008 & 009 - HTACCESS & Errors
 
this is ok for Aruba??...
 



 
hpl
Re: 058-008 & 009 - HTACCESS & Errors
 
hpl wrote:
this is ok for Aruba??...

Yes... it is working here.
 




Mighty Gorgon
Re: 058-008 & 009 - HTACCESS & Errors
 
today I've found yet some others..

Code:
RewriteCond %{HTTP_REFERER} ^(.*)alcotour.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)goldadornment.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)mifec.org(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)1awm.com(.*)$ [OR]
RewriteCond %{HTTP_REFERER} ^(.*)toruc.org(.*)$ [OR]


all from the same damn site
 




Nizzle
Re: 058-008 & 009 - HTACCESS & Errors
 
My error log:

script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842

and more of this.
 




____________
Cosenza United::FCC
My Problem Child
 
fracs
Re: 058-008 & 009 - HTACCESS & Errors
 
fracs wrote:
My error log:

script '/home/cosenzau/cosenzaunited.org/html/errors.php' not found or unable to stat, referer: http://www.cosenzaunited.org/forum/...=quote&p=490842

and more of this.

It seems you are missing that file... or you may have to set a different path to errors.php...

Do you have your forum in a subfolder?
 




Mighty Gorgon
Re: 058-008 & 009 - HTACCESS & Errors
 
error.php is in root of forum /forum/error.php, /html/ is root of the site...

 0: [client 66.249.65.xxx] PHP Fatal error: Call to undefined function: session_pagestart() in /home/cosenzau/cosenzaunited.org/html/errors.php on line 49
1: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './common.' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
2: [client 66.249.65.xxx] PHP Warning: main(./common.): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
3: [client 66.249.65.xxx] PHP Notice: Undefined variable: phpEx in /home/cosenzau/cosenzaunited.org/html/errors.php on line 24
4: [client 66.249.65.xxx] PHP Warning: main(): Failed opening './extension.inc' for inclusion (include_path='.:/usr/share/pear') in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23
5: [client 66.249.65.xxx] PHP Warning: main(./extension.inc): failed to open stream: No such file or directory in /home/cosenzau/cosenzaunited.org/html/errors.php on line 23
 




fracs
Re: 058-008 & 009 - HTACCESS & Errors
 
Mighty Gorgon wrote:
Nizzle wrote:
you've put my part in that .htaccess

BTW..
is there a site you can redirect them to..
which will let them crash or something
was thinking to redirect them to my own site
then they'll find the .htaccess again
redirect again

bringing them into a loop
which makes them useless..

is there a site like that?

Great idea... we can buy a domain and do it! Then we will sell banners...


you'd get a shitload of visitors
put it in the default .htaccess for XS and you'll get even more
 




Nizzle