Securing your website against bloody black hatters!

Panther28
If you don't already use your .htaccess for security, then you'd do well to use this code in your .htaccess file to secure you against any internet nasties.

Just stick the code below into your .htaccess file, at the bottom.
The website that I got this from is shown in the header, so check back there; they update the blacklist every few months.

It won't stop everything, but it is the equivalent of a decent condom.

Code:
# 5G BLACKLIST/FIREWALL (2013)
# @ http://perishablepress.com/5g-blacklist-2013/

# 5G:[QUERY STRINGS]
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
    RewriteCond %{QUERY_STRING} (\\|\.\./|`|=\'$|=%27$) [NC,OR]
    RewriteCond %{QUERY_STRING} (\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
    RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
    RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
    RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
    RewriteRule .* - [F]
</IfModule>

# 5G:[USER AGENTS]
<IfModule mod_setenvif.c>
    # SetEnvIfNoCase User-Agent ^$ keep_out
    SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out
    <limit GET POST PUT>
        Order Allow,Deny
        Allow from all
        Deny from env=keep_out
    </limit>
</IfModule>

# 5G:[REQUEST STRINGS]
<IfModule mod_alias.c>
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
    RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    RedirectMatch 403 /playing.php
    RedirectMatch 403 muieblackcat
</IfModule>

# 5G:[REQUEST METHOD]
<ifModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
</IfModule>

# 5G:[BAD IPS]
<limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    # uncomment/edit/repeat next line to block IPs
    # Deny from 123.456.789
</limit>
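The following is an added example, not code from the post or from the Perishable Press blacklist it links to. It carries the eight "5G:[QUERY STRINGS]" conditions above over into Python, verbatim, and runs them against a handful of constructed query strings so you can see what the rules actually do before putting them on a live site. The function names and the sample query strings are assumptions made for this illustration; the patterns themselves are the post's own.

```python
import re

# The eight "5G:[QUERY STRINGS]" RewriteCond patterns from the post, copied
# verbatim. Apache ORs them together and [NC] makes each case-insensitive;
# the constructs they use (alternation, .*, $, escaped literals) behave the
# same under Python's re as under Apache's PCRE.
QUERY_STRING_RULES = [
    r"(\"|%22).*(<|>|%3)",
    r"(javascript:).*(\;)",
    r"(<|%3C).*script.*(>|%3)",
    r"(\\|\.\./|`|=\'$|=%27$)",
    r"(\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if)",
    r"(base64_encode|localhost|mosconfig)",
    r"(boot\.ini|echo.*kae|etc/passwd)",
    r"(GLOBALS|REQUEST)(=|\[|%)",
]
COMPILED = [re.compile(p, re.IGNORECASE) for p in QUERY_STRING_RULES]


def matching_rule(query_string):
    """Index and pattern of the first rule that fires on the raw query string,
    or None. RewriteCond does an unanchored search (hence re.search) and sees
    %{QUERY_STRING} as sent, not URL-decoded, which is why the patterns list
    both '"' and '%22'."""
    for i, rx in enumerate(COMPILED):
        if rx.search(query_string):
            return i, QUERY_STRING_RULES[i]
    return None


def classify(query_strings):
    """Map each query string to '403' (what RewriteRule .* - [F] returns) or 'pass'."""
    return {qs: ("403" if matching_rule(qs) else "pass") for qs in query_strings}


# Constructed sample query strings (assumption, not from the post): one
# ordinary request, two classic probes the list is meant to catch, and two
# perfectly benign searches that it catches as well.
SAMPLE_QUERY_STRINGS = [
    "page=2&sort=date",            # plain pagination: pass
    "file=../../etc/passwd",       # traversal probe: rule 3 (../)
    "GLOBALS[debug]=1",            # register_globals poke: rule 7
    "q=%22rock%22%20and%20roll",   # quoted search term, then 'and': rule 4 false positive
    "name=O'Brien&sort=date",      # apostrophe, then 'or' inside 'sort': rule 4 false positive
]

if __name__ == "__main__":
    for qs in SAMPLE_QUERY_STRINGS:
        hit = matching_rule(qs)
        verdict = f"403 (rule {hit[0]}: {hit[1]})" if hit else "pass"
        print(f"{qs!r:40} -> {verdict}")
```

The two false positives come from rule 4: once a quote, apostrophe or `%22` appears anywhere in the query string, any later occurrence of `or`, `and` or `if`, even inside a word such as `sort` or `word`, triggers the block. If your site has a search box, run a sample of real query strings from your access log through `classify` before deploying the list, and drop or narrow the alternatives that hit legitimate traffic.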
 
And you obviously don't understand sarcasm either :)
 
Does this also hide the links from showing on ahrefs, majestic seo?
 
I'm not entirely sure; it's worth checking out the link in the top line, as the guys who wrote it seem to be pretty clued up, more so than me anyway :)
 
The code has to be on multiple lines, not on a single line.

The code after # is ignored by the computer (commented out); it is for reference only.

The appropriate orthography for your htaccess is the following:


Code:
# 5G BLACKLIST/FIREWALL (2013)
# @ http://perishablepress.com/5g-blacklist-2013/
# 5G:[QUERY STRINGS]

<IfModule mod_rewrite.c>

RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]
RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
RewriteCond %{QUERY_STRING} (\\|\.\./|`|=\'$|=%27$) [NC,OR]
RewriteCond %{QUERY_STRING} (\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
RewriteRule .* - [F]

</IfModule>

# 5G:[USER AGENTS]

<IfModule mod_setenvif.c>

# SetEnvIfNoCase User-Agent ^$ keep_out

SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) keep_out

<limit GET POST PUT>

Order Allow,Deny

Allow from all

Deny from env=keep_out

</limit>

</IfModule>

# 5G:[REQUEST STRINGS]

<IfModule mod_alias.c>

RedirectMatch 403 (https?|ftp|php)\://
RedirectMatch 403 /(https?|ima|ucp)/
RedirectMatch 403 /(Permanent|Better)$
RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
RedirectMatch 403 \.well\-known/host\-meta
RedirectMatch 403 /function\.array\-rand
RedirectMatch 403 \)\;\$\(this\)\.html\(
RedirectMatch 403 proc/self/environ
RedirectMatch 403 msnbot\.htm\)\.\_
RedirectMatch 403 /ref\.outcontrol
RedirectMatch 403 com\_cropimage
RedirectMatch 403 indonesia\.htm
RedirectMatch 403 \{\$itemURL\}
RedirectMatch 403 function\(\)
RedirectMatch 403 labels\.rdf
RedirectMatch 403 /playing.php
RedirectMatch 403 muieblackcat

</IfModule>

# 5G:[REQUEST METHOD]

<ifModule mod_rewrite.c>

RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

</IfModule>

# 5G:[BAD IPS]

<limit GET POST PUT>

Order Allow,Deny
Allow from all

# uncomment/edit/repeat next line to block IPs
# Deny from 123.456.789

</limit>



The code the way you wrote it before is just garbage that will cause an internal server error. Written this way, the orthography is fine, at least formally. I am not testing it, so it could of course not work in a useful way; the code could be useless and meaningless in practice. But at least the computer won't tell you that you wrote absurd garbage.

Notice that in order to authentically benefit from htaccess, htpasswd and such coding, you must be able to interpret and understand what you're writing; you should be able to adapt it to your needs. For example, in this case you should be able to read your logs, notice abusive bots by their IP and user agent, and then edit your .htaccess to ban them (see the commented lines in the code where you're invited to uncomment and edit).
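As an added example of the log-review step described in the post above (this is not code from the thread or from the 5G blacklist), the script below parses Apache combined-format access log lines, picks out clients whose requests were mostly answered with 403 (that is, clients the blacklist was already rejecting over and over), and renders the `Deny from` lines for the "5G:[BAD IPS]" block plus a `SetEnvIfNoCase User-Agent` line in the shape of the "5G:[USER AGENTS]" section. The log lines are constructed (documentation-range IPs, a made-up `examplescan` agent), the thresholds are arbitrary defaults, and all function names are my own.

```python
import re
import sys
from collections import defaultdict

# Apache "combined" LogFormat (assumed):
#   %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample log: a normal visitor, a scanner whose probes the 5G rules
# answered with 403, and a visitor who hit one protected directory once.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2013:12:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 6.1) Firefox/19.0"
198.51.100.7 - - [10/Mar/2013:12:00:05 +0000] "GET /blog/?page=2&sort=date HTTP/1.1" 200 4810 "http://example.test/index.php" "Mozilla/5.0 (Windows NT 6.1) Firefox/19.0"
198.51.100.7 - - [10/Mar/2013:12:00:09 +0000] "GET /about.html HTTP/1.1" 200 2210 "-" "Mozilla/5.0 (Windows NT 6.1) Firefox/19.0"
203.0.113.9 - - [10/Mar/2013:12:01:00 +0000] "GET /?file=../../etc/passwd HTTP/1.1" 403 199 "-" "examplescan/1.0"
203.0.113.9 - - [10/Mar/2013:12:01:01 +0000] "GET /proc/self/environ HTTP/1.1" 403 199 "-" "examplescan/1.0"
203.0.113.9 - - [10/Mar/2013:12:01:02 +0000] "GET /muieblackcat HTTP/1.1" 403 199 "-" "examplescan/1.0"
203.0.113.9 - - [10/Mar/2013:12:01:03 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "examplescan/1.0"
192.0.2.44 - - [10/Mar/2013:12:02:00 +0000] "GET /admin/ HTTP/1.1" 403 199 "-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/25.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict; return None for junk lines."""
    m = LOG_RE.match(line.rstrip("\n"))
    return m.groupdict() if m else None


def summarize(lines):
    """Per-IP counters: total hits, 403 hits, and the user agents seen."""
    stats = defaultdict(lambda: {"total": 0, "denied": 0, "agents": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        s = stats[rec["ip"]]
        s["total"] += 1
        if rec["status"] == "403":
            s["denied"] += 1
        s["agents"].add(rec["ua"])
    return stats


def abusive_ips(lines, min_requests=3, min_denied_ratio=0.5):
    """IPs with at least min_requests hits, at least min_denied_ratio of them 403s.
    The request floor keeps a visitor who tripped one rule once off the list."""
    stats = summarize(lines)
    return sorted(
        ip for ip, s in stats.items()
        if s["total"] >= min_requests and s["denied"] / s["total"] >= min_denied_ratio
    )


def agents_of(lines, ips):
    """User-Agent strings used by the given IPs, for the SetEnvIfNoCase line."""
    stats = summarize(lines)
    return sorted(set().union(*(stats[ip]["agents"] for ip in ips)))


def render_deny_block(ips):
    """The thread's '5G:[BAD IPS]' block with real Deny lines filled in."""
    body = ["<Limit GET POST PUT>", "    Order Allow,Deny", "    Allow from all"]
    body += [f"    Deny from {ip}" for ip in ips]
    body.append("</Limit>")
    return "\n".join(body)


def render_user_agent_rule(agents):
    """A SetEnvIfNoCase line in the same shape as the '5G:[USER AGENTS]' section."""
    if not agents:
        return ""
    alternation = "|".join(re.escape(a) for a in agents)
    return f"SetEnvIfNoCase User-Agent ({alternation}) keep_out"


if __name__ == "__main__":
    # Pipe a real access log on stdin, or run without input to use the sample.
    lines = list(sys.stdin) if not sys.stdin.isatty() else SAMPLE_LOG.splitlines()
    ips = abusive_ips(lines)
    print(render_deny_block(ips))
    print(render_user_agent_rule(agents_of(lines, ips)))
```

Review the output by hand before pasting it into .htaccess: a shared proxy or a scraper behind a CDN can put many unrelated users behind one address, and a `Deny from` on it locks all of them out. Matching on the whole User-Agent string, as the rendered line does, is deliberately narrow; the blacklist's own approach of matching a short token (`zmeu`, `purebot`) casts a wider net and needs the same check against your legitimate traffic.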
 