-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy path.htaccess
186 lines (151 loc) · 6.25 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
##########################################################################
# PHP- Titanium v3.0.0 : Enhanced PHP-Nuke Web Portal System #
##########################################################################
# -------------------------------------------
# Comment this out if PHP is run as CGI
# -------------------------------------------
# PHP_FLAG register_globals On
# PHP_FLAG output_buffering On
Options All -Indexes
# -------------------------------------------
# Swap index.html index.php for html start page
# -------------------------------------------
DirectoryIndex index.php index.html
Options +FollowSymlinks
<IfModule mod_rewrite.c>
RewriteEngine on
##################################################################################################
# Force SSL - no insecure data connections! ##### Added By Ernest Allen Buffington 08/05/2019
##################################################################################################
RewriteCond %{HTTPS} off
#RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}
##################################################################################################
# Force WWW - this is only needed for root domains... ##### Added By Ernest Allen Buffington 03/16/2021
##################################################################################################
RewriteCond %{HTTP_HOST} !=""
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
##################################################################################################
# -------------------------------------------
# Security Rewrites
# -------------------------------------------
RewriteCond %{THE_REQUEST} (\?act\=) [NC,OR]
RewriteCond %{THE_REQUEST} (sql_login) [NC,OR]
RewriteCond %{THE_REQUEST} (basepath) [OR]
RewriteCond %{THE_REQUEST} (libpath) [OR]
RewriteCond %{THE_REQUEST} (absolute_path) [OR]
RewriteCond %{THE_REQUEST} (vwar_root) [OR]
RewriteCond %{THE_REQUEST} (includedir) [OR]
RewriteCond %{THE_REQUEST} (file=http:\/\/) [OR]
RewriteCond %{THE_REQUEST} (name=http:\/\/) [OR]
RewriteCond %{THE_REQUEST} (phpbb_root_path)
RewriteRule ^.*$ http://127.0.0.1/ [R=301,L]
# -------------------------------------------
# Lazy Google Tap
# -------------------------------------------
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7&$8=$9 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7#$8 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5#$6 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3#$4 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3 [L]
RewriteRule ^86it-index.html#(.*)$ /index.php#$1 [L]
RewriteRule ^86it-index.html$ /index.php [L]
RewriteRule ^86it-(.*)\.html#(.*)$ /modules.php?name=$1#$2 [L]
RewriteRule ^86it-(.*)\.html$ /modules.php?name=$1 [L]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl
RewriteRule ^.*$ http://127.0.0.1 [R,L]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl/[0-9].[0-9]*
RewriteRule ^.*$ http://127.0.0.1 [R,L]
</IfModule>
# for hosts that don't allow the above, we won't give people anything to look at
<IfModule mod_autoindex.c>
IndexIgnore *
</IfModule>
# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .htaccess>
deny from all
</Files>
<Files .staccess>
deny from all
</Files>
# <Files admin.php>
# <Limit GET POST PUT>
# require valid-user
# </Limit>
# AuthName "Restricted"
# AuthType Basic
# AuthUserFile /PATH/TO/YOUR/.staccess
# </Files>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------
# Disable .htaccess viewing from browser
<files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</files>
# Network Titanium SDK v5
# Disable fbconfig.php viewing from browser
<files ~ "\nconfig.php$">
deny from all
</files>
# facebook Titanium SDK v5
# Disable fbconfig.php viewing from browser
<files ~ "\fbconfig.php$">
deny from all
</files>
# Disable config.php viewing from browser
<files ~ "\config.php$">
deny from all
</files>
# deny most common except .php/.html
<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module|exe)$">
deny from all
</FilesMatch>
<FilesMatch "versions\feed.php">
allow from all
</FilesMatch>
<FilesMatch "versions\index.php">
allow from all
</FilesMatch>
# -------------------------------------------
# Setup caching
# -------------------------------------------
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A0
# Set up caching on media files for 1 year (forever?)
<FilesMatch "\.(ico|flv|pdf|mov|mp3|wmv|ppt)$">
ExpiresDefault A29030400
Header append Cache-Control "public"
</FilesMatch>
# Set up caching on media files for 1 week
<FilesMatch "\.(gif|jpg|jpeg|png|swf|bmp)$">
ExpiresDefault A604800
Header append Cache-Control "public"
</FilesMatch>
# Set up 2 Hour caching on commonly updated files
<FilesMatch "\.(xml|txt|html|js|css)$">
ExpiresDefault A7200
Header append Cache-Control "private, proxy-revalidate, must-revalidate"
</FilesMatch>
</IfModule>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------
# Banned Bad Bots
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit