1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing your website against bloody black hatters!

Discussion in 'Black Hat SEO' started by Panther28, Jan 24, 2013.

  1. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    If you don't already use your .htaccess for security, then you'd do well to use this code on your .htacess file to secure you against any internet nasties.

    Just stick the code into your .htaccess file below at the bottom.
    The website that I got this from is shown in the header, so check back there, they update the blacklist every few months.

    It won't stop everything, but it is the equivalent of a decent condom.

    Code:
    
    
    # 5G BLACKLIST/FIREWALL (2013)# @ http://perishablepress.com/5g-blacklist-2013/# 5G:[QUERY STRINGS]<IfModule mod_rewrite.c>	RewriteEngine On	RewriteBase /	RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]	RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]	RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]	RewriteCond %{QUERY_STRING} (\\|\.\./|`|=\'$|=%27$) [NC,OR]	RewriteCond %{QUERY_STRING} (\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]	RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]	RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]	RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]	RewriteRule .* - [F]</IfModule># 5G:[USER AGENTS]<IfModule mod_setenvif.c>	# SetEnvIfNoCase User-Agent ^$ keep_out	SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out	<limit GET POST PUT>		Order Allow,Deny		Allow from all		Deny from env=keep_out	</limit></IfModule># 5G:[REQUEST STRINGS]<IfModule mod_alias.c>	RedirectMatch 403 (https?|ftp|php)\://	RedirectMatch 403 /(https?|ima|ucp)/	RedirectMatch 403 /(Permanent|Better)$	RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$	RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")	RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$	RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$	RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)	RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)	RedirectMatch 403 \.well\-known/host\-meta	RedirectMatch 403 /function\.array\-rand	RedirectMatch 403 \)\;\$\(this\)\.html\(	RedirectMatch 403 proc/self/environ	RedirectMatch 403 msnbot\.htm\)\.\_	RedirectMatch 403 /ref\.outcontrol	RedirectMatch 403 com\_cropimage	RedirectMatch 403 indonesia\.htm	RedirectMatch 403 \{\$itemURL\}	RedirectMatch 403 function\(\)	RedirectMatch 403 labels\.rdf	RedirectMatch 403 /playing.php	RedirectMatch 403 muieblackcat</IfModule># 5G:[REQUEST METHOD]<ifModule mod_rewrite.c>	RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)	RewriteRule .* - [F]</IfModule># 5G:[BAD IPS]<limit GET POST PUT>	Order Allow,Deny	Allow from all	# uncomment/edit/repeat next line to block IPs	# Deny from 123.456.789</limit>
     
  2. kvmcable

    kvmcable Supreme Member

    Joined:
    Dec 28, 2010
    Messages:
    1,355
    Likes Received:
    2,815
    Occupation:
    24 year business owner - old school dude
    Location:
    KFC - BW3
    wrong forum - we aren't scared of black hatters here.
     
    • Thanks Thanks x 1
  3. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    And you obviously don't understand sarcasm either :)
     
  4. leena

    leena Jr. VIP Jr. VIP

    Joined:
    Apr 13, 2010
    Messages:
    1,966
    Likes Received:
    755
    does this also hide the links from being showing on ahrefs, majestic seo?
     
  5. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    Im not entirely sure, its worth checking out the link in the top line, as the guys that wrote it seem to be pretty clued up, more so than me anyway :)
     
  6. AgentOrange_MkUltra

    AgentOrange_MkUltra Junior Member

    Joined:
    May 29, 2009
    Messages:
    180
    Likes Received:
    44
    Occupation:
    Hijacking Your System
    Location:
    Many steps ahead & Behind 4 Proxies + double VPN!
    The code has to be on multiple lines, not on a single line. )

    The code after # is ignored by the computer (commented out), it is for reference only.

    The appropriate orthography for your htaccess is the following


    Code:
    
    
    # 5G BLACKLIST/FIREWALL (2013)
    # @ http://perishablepress.com/5g-blacklist-2013/
    # 5G:[QUERY STRINGS]
    
    <IfModule mod_rewrite.c>
    
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (\\|\.\./|`|=\'$|=%27$) [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
    RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
    RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
    RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
    RewriteRule .* - [F]
    
    </IfModule>
    
    # 5G:[USER AGENTS]
    
    <IfModule mod_setenvif.c>
    
    # SetEnvIfNoCase User-Agent ^$ keep_out
    
    SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out
    
    <limit GET POST PUT>
    
    Order Allow,Deny
    
    Allow from all
    
    Deny from env=keep_out
    
    </limit>
    
    </IfModule>
    
    # 5G:[REQUEST STRINGS]
    
    <IfModule mod_alias.c>
    
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
    RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    RedirectMatch 403 /playing.php
    RedirectMatch 403 muieblackcat
    
    </IfModule>
    
    # 5G:[REQUEST METHOD]
    
    <ifModule mod_rewrite.c>
    
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    
    </IfModule>
    
    # 5G:[BAD IPS]
    
    <limit GET POST PUT>
    
    Order Allow,Deny
    Allow from all
    
    # uncomment/edit/repeat next line to block IPs
    # Deny from 123.456.789
    
    </limit>
    
    
    


    The code the way you wrote it before is just garbage that will cause internal server error. Written this way, the ortography is fine, at least formally. I am not testing it, so it could of course not work in useful way; the code could be useless and meaningless in practice. But at least the computer won't tell you that you wrote absurd garbage.

    Notice that in order to authentically benefit by htaccess, htpasswd and such coding,you must be able to interpret an understand what you're writing; you should be able adapt it to your needs. For example, in this case you should be able to read your logs, notice abusive bots by their ip and user agent, and then edit your .htaccess to ban them (see commented lines on code where you're invited to uncomment and edit)
     
    • Thanks Thanks x 1
    Last edited: Jan 25, 2013