[Htaccess] complete security set (sql injection, spam, cookie)

Code:
RewriteEngine On

Options +FollowSymLinks
ServerSignature Off

# Block unwanted request methods and CR/LF sequences in the request line.
# HEAD is also used by link checkers and uptime monitors.
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR]

# Block markup and quote characters in the Referer, the cookies and the request path
RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E).* [NC,OR]
RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E).* [NC,OR]
RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* [NC,OR]

# Block empty user agents, scripted clients, harvesters and scanners
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(libwww-perl|curl|wget|python|nikto|scan).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E).* [NC,OR]

# Block SQL keywords that follow a metacharacter, loopback references and markup in the query string
RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*\.[A-Za-z0-9].* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E).* [NC]

# Rewrite every matching request to 403.html (served with a 200 status;
# "RewriteRule ^ - [F]" returns a real 403 Forbidden instead)
RewriteRule ^(.*)$ 403.html

This code is meant to prevent SQL injection, session cookie attacks and spamming, and to keep your website from being scanned by antivirus tools or scanners.
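The QUERY_STRING conditions can be checked offline before they go live. The following is an added example, not part of the original post: it re-creates those patterns with Python's `re` module (assumed to behave like Apache's PCRE for these expressions) and compares the character group written with and without a trailing empty alternative (`|)`), since an empty alternative makes the group match any string. The helper name `blocked` and all sample query strings are constructed for illustration.

```python
import re

# Character group used by the page's Referer/Cookie/User-Agent/query rules.
CHARS = r"<|>|'|%0A|%0D|%27|%3C|%3E"
STRICT = re.compile(rf"^.*({CHARS}).*", re.I)  # [NC] maps to re.I
LOOSE = re.compile(rf"^.*({CHARS}|).*", re.I)  # "|)" adds an empty alternative

# Metacharacter followed later by an SQL keyword (first QUERY_STRING rule).
SQLI = re.compile(
    r"^.*(;|<|>|'|\"|\)|%0A|%0D|%22|%27|%3C|%3E).*"
    r"(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).*",
    re.I,
)
LOOPBACK = re.compile(r"^.*(localhost|loopback|127\.0\.0\.1).*", re.I)


def blocked(query_string, char_rule=STRICT):
    """Hypothetical helper: names of the QUERY_STRING rules that fire.

    The conditions are chained with [OR], so one hit is enough to block.
    """
    rules = {"sqli": SQLI, "loopback": LOOPBACK, "chars": char_rule}
    return [name for name, rx in rules.items() if rx.search(query_string)]


# Constructed samples: raw query strings, as Apache sees them before decoding.
SAMPLES = [
    "page=2&sort=name",              # ordinary request
    "offset=10",                     # contains "set" but no metacharacter
    "id=1%27%20union%20select%201",  # encoded quote followed by SQL keywords
    "q=%3Cscript%3E",                # encoded angle brackets
    "url=http://127.0.0.1/admin",    # loopback reference
    "name=O%27Brien&action=update",  # legitimate input that still trips the rules
]

if __name__ == "__main__":
    for qs in SAMPLES:
        print(f"{qs:32} strict={blocked(qs)} loose={blocked(qs, LOOSE)}")
```

With the empty alternative, every sample is reported as blocked, including the ordinary ones. The last sample shows the kind of false positive to expect from keyword filtering on legitimate input.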

Author: Anon Cop ~ Blog is basically for giving maximum knowledge of hacking to provide security.

The article "[Htaccess] complete security set (sql injection, spam, cookie)" was published by Anon Cop on Thursday, 8 November 2012. I think this article will be helpful; if so, don't forget to say thanks in the comments.
 

2 comments:

  1. type on google or :P

  2. Mr.Smary Bro In Public Html Make A File Named .htaccess and in that file paste the above code and save it....... you are done