Advanced Search

htaccess DENY incarnate query strings

/ Published in: Apache
Save to your folder(s)
block evil incarnate query strings

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. <ifmodule mod_rewrite.c>
  2.  RewriteCond %{QUERY_STRING} \.\.\/    [NC,OR]
  3.  RewriteRule .* -                      [F,L]
  4. </ifmodule>
  5. # block evil incarnate user agents
  6. SetEnvIfNoCase User-Agent "shell_exec"  keep_out
  7. SetEnvIfNoCase User-Agent "passthru"    keep_out
  8. SetEnvIfNoCase User-Agent "function"    keep_out
  9. <Limit GET POST>
  10.  order allow,deny
  11.  allow from all
  12.  deny from env=keep_out
  13. </Limit>

URL: http://perishablepress.com/press/2008/09/15/evil-incarnate-but-easily-blocked/

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.