Remote File Inclusion Protection Code For .htaccess
Code for htaccess against Remote file inclusion

Web Design Seo, posted Jul 5 2011, 01:09 PM (Post #1)


Remote file inclusion (RFI) protection code is code for .htaccess to protect you against remote file inclusion attacks by bots or hackers.

Copy and paste this code and insert it at the top of your .htaccess:

Code
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} ^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+
RewriteRule .* http://your-trap.com/php-trap-script.php [R,L]


When a hacker tries to attack the web site with a remote file inclusion attack, the bot or hacker will be redirected to the URL:
Code
http://your-trap.com/php-trap-script.php


If you don't have such a PHP script, redirect to Google or some other unreal URL address in this way:

Code
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} ^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+
RewriteRule .* http://gggooooooglleee.com/ [R,L]


If you already have these lines in .htaccess:
Code
RewriteEngine On
RewriteBase /


don't copy them twice; use only the other two lines for Remote File Inclusion Protection.


--------------------
Forum rules | Forum Rules | How to receive support. 3D Web Design: Web design, SEO optimization, Web Site Extensions, Oscommerce Addons, Wordpress plugins and Joomla Extensions. Website development, search engine optimization and SEO services.
MacAcer, posted Jan 7 2013, 07:35 PM (Post #2)


My Joomla 1.5.26 site was recently hacked by Hmei7.
I followed instructions on http://www.joshpate.com/2013/01/how-to-fix...oomla-web-site/ to get the site up and running again. It was pretty straightforward and I assume that it could have been a lot worse than it was. I was quick to act so I only got about 3 hours downtime. Though judging by the mails I got I did lose a few customers on those hours.

Now I ended up on this forum to read a bit more on the exploit used in this attack in order to try to fix it.
I found two suggestions for Joomla 1.5

The decision to not hack joomla 1.5:
1. Lock folder administrator. With password or by IP address.
2. Add to your htaccess file defense against RFI - Remote File Inclusion protection.

I am curious about how to lock folder administrator with password or by IP address. This sounds like a good security measure, but I don't know how to do it.

Defense against RFI

Now I did implement these two lines in my .htaccess file

Code
RewriteCond %{QUERY_STRING} ^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+
RewriteRule .* http://gggooooooglleee.com/ [R,L]


The

Code
RewriteEngine On
RewriteBase /


was already included in my .htaccess file. All four lines are not neatly in a row after each other, but as long as they're all in there and not commented out I guess that it should work? Now that leads to my main question. How can I know that it works?

I was thinking about using the

Code
RewriteRule .* http://your-trap.com/php-trap-script.php [R,L]


But I am not sure how this works? Can I just use that your-trap.com/php-trap-script.php? Or do I need a trap script on my site and redirect them to that? If, then where can I get that script?

Thank you for the useful info thus far and I hope that you can help me with the questions above. Your help would be much appreciated.

Thank you.
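The question above of how to know that the rule works can be checked offline before relying on it. The following is an added example, not code from any poster in this thread: it emulates the `RewriteCond %{QUERY_STRING}` match in Python on constructed query strings and compares the pattern in the form quoted in the thread with a grouped variant. The grouped variant, the sample strings and the `example.test` host are assumptions made for illustration.

```python
import re

# Pattern in the form quoted in this thread. "|" binds loosest, so it reads as
#   "^.*=(ht)"   OR   "(f)+(tp)+(://|s://)+.*(\?\?)+"
AS_POSTED = r"^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+"

# Grouped variant (assumption about the intent: a parameter value starting with
# http://, https:// or ftp:// and followed later by "??").
GROUPED = r"^.*=(ht|f)tps?://.*\?\?"

# Constructed sample query strings (the part after "?").
SAMPLES = {
    "plain":        "option=com_content&view=article&id=5",
    "benign_eq_ht": "view=article&format=html",
    "url_param":    "return=https://example.test/page",
    "rfi_http":     "controller=http://example.test/x.txt??",
    "rfi_ftp":      "controller=ftp://example.test/x.txt??",
}


def cond_matches(pattern: str, query_string: str) -> bool:
    """Emulate RewriteCond %{QUERY_STRING}: an unanchored regex search over
    the raw query string (Apache does not URL-decode it first)."""
    return re.search(pattern, query_string) is not None


def evaluate(pattern: str) -> dict:
    """Return {sample name: True if the rule would fire} for one pattern."""
    return {name: cond_matches(pattern, qs) for name, qs in SAMPLES.items()}


def differences() -> list:
    """Names of samples on which the two patterns disagree."""
    posted, grouped = evaluate(AS_POSTED), evaluate(GROUPED)
    return sorted(name for name in SAMPLES if posted[name] != grouped[name])


if __name__ == "__main__":
    posted, grouped = evaluate(AS_POSTED), evaluate(GROUPED)
    print(f"{'sample':<14}{'as posted':<12}{'grouped':<10}query string")
    for name, qs in SAMPLES.items():
        print(f"{name:<14}{str(posted[name]):<12}{str(grouped[name]):<10}{qs}")
    print("patterns disagree on:", differences())
```

Any query string that makes the condition true is redirected, so a `True` on a benign sample means ordinary visitors using that link would be sent to the redirect target.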
Web Design Seo, posted Jan 8 2013, 07:19 AM (Post #3)


If you don't know how to make a bot trap with PHP, just redirect the hacker to Google or to another URL.


MacAcer, posted Jan 8 2013, 11:34 AM (Post #4)


QUOTE (Web Design Seo @ Jan 8 2013, 08:19 AM)
If you don't know how to make a bot trap with PHP, just redirect the hacker to Google or to another URL.

Then I'll just do that. There is no official bot trap url that you know of that could be used?

Again, how do I go about to lock the folder administrator with password or by IP address? Is this something I should be asking my webhost about?
Web Design Seo, posted Jan 8 2013, 11:47 AM (Post #6)


Quote
Again, how do I go about to lock the folder administrator with password or by IP address? Is this something I should be asking my webhost about?


By IP address: from .htaccess:
Code
deny from all
allow from ... post here your ip


With password: from cPanel.

