An .htaccess Rule-Based Security Firewall for DedeCMS Sites

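This tutorial gives DedeCMS users a set of .htaccess rules that acts as a powerful firewall script, lightweight and very fast. It aims for the best balance between security and performance. Because it is built directly on .htaccess rules, no third-party software has to be installed on the server, and it adds to the site's security directly.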

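The main features and goals of this .htaccess firewall are:

Security through simplicity

Extensive firewall protection

Fine-tuned to minimize false positives

Lightweight (only 12KB!), modular, flexible and fast

Completely plug-and-play, no configuration required

Improves security, reduces server load and conserves resources

Git / SVN friendly (does not block svn / git files, etc.)

Open source, easy to use and completely free

100% compatible with WordPress

Better detection of bad bots

Built-in site security logging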

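The .htaccess firewall protects against many types of attacks and threats, including:

Directory traversal

HTTP response splitting

Cross-site scripting (XSS)

Cache poisoning

Dual-header exploits

SQL / PHP / code injection

File injection / inclusion

Null-byte injection

WordPress exploits such as revslider, timthumb, fckeditor, etc.

Exploits such as c99shell, phpshell, remoteview, site copier, etc.

PHP information leakage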

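In addition, the .htaccess firewall protects against a wide range of malicious requests, malicious programs, spam and other nonsense. It uses Apache's mod_rewrite, so it applies to every HTTP request method: GET, POST, PUT, DELETE and all others. That means strong protection for your site.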

Requirements

These are the requirements for the .htaccess firewall:

Apache server

mod_rewrite enabled

Access to .htaccess or the server configuration

The site-security .htaccess firewall script is as follows:

# moban:[CORE]
# Hide the server signature and disable directory listings.
ServerSignature Off
Options -Indexes
RewriteEngine On
RewriteBase /

# moban:[QUERY STRING]
# Each RewriteCond tests the raw (not URL-decoded) query string.
# [NC] makes the match case-insensitive; [OR] chains the conditions.
<IfModule mod_rewrite.c>
    # Never apply the conditions to the logging script itself.
    RewriteCond %{REQUEST_URI} !(moban_log.php) [NC]
    RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR]
    RewriteCond %{QUERY_STRING} (/|%2f)(:|%3a)(/|%2f) [NC,OR]
    RewriteCond %{QUERY_STRING} (/|%2f)(\*|%2a)(\*|%2a)(/|%2f) [NC,OR]
    RewriteCond %{QUERY_STRING} (~|`|<|>|\^|\|\\|0x00|%00|%0d%0a) [NC,OR]
    RewriteCond %{QUERY_STRING} (cmd|command)(=|%3d)(chdir|mkdir)(.*)(x20) [NC,OR]
    RewriteCond %{QUERY_STRING} (fck|ckfinder|fullclick|ckfinder|fckeditor) [NC,OR]
    RewriteCond %{QUERY_STRING} (/|%2f)((wp-)?config)((\.|%2e)inc)?((\.|%2e)php) [NC,OR]
    RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumbs?)?)((\.|%2e)php) [NC,OR]
    RewriteCond %{QUERY_STRING} (absolute_|base|root_)(dir|path)(=|%3d)(ftp|https?) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127(\.|%2e)0(\.|%2e)0(\.|%2e)1) [NC,OR]
    RewriteCond %{QUERY_STRING} (\.|20)(get|the)(_|%5f)(permalink|posts_page_url)(\(|%28) [NC,OR]
    RewriteCond %{QUERY_STRING} (s)?(ftp|http|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR]
    RewriteCond %{QUERY_STRING} (globals|mosconfig([a-z_]{1,22})|request)(=|\[|%[a-z0-9]{0,2}) [NC,OR]
    RewriteCond %{QUERY_STRING} ((boot|win)((\.|%2e)ini)|etc(/|%2f)passwd|self(/|%2f)environ) [NC,OR]
    RewriteCond %{QUERY_STRING} (((/|%2f){3,3})|((\.|%2e){3,3})|((\.|%2e){2,2})(/|%2f|%u2215)) [NC,OR]
    RewriteCond %{QUERY_STRING} (benchmark|char|exec|fopen|function|html)(.*)(\(|%28)(.*)(\)|%29) [NC,OR]
    RewriteCond %{QUERY_STRING} (php)([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) [NC,OR]
    RewriteCond %{QUERY_STRING} (e|%65|%45)(v|%76|%56)(a|%61|%41)(l|%6c|%4c)(.*)(\(|%28)(.*)(\)|%29) [NC,OR]
    RewriteCond %{QUERY_STRING} (/|%2f)(=|%3d|$&|_mm|cgi(\.|-)|inurl(:|%3a)(/|%2f)|(mod|path)(=|%3d)(\.|%2e)) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3c)(.*)(e|%65|%45)(m|%6d|%4d)(b|%62|%42)(e|%65|%45)(d|%64|%44)(.*)(>|%3e) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3c)(.*)(i|%69|%49)(f|%66|%46)(r|%72|%52)(a|%61|%41)(m|%6d|%4d)(e|%65|%45)(.*)(>|%3e) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3c)(.*)(o|%4f|%6f)(b|%62|%42)(j|%4a|%6a)(e|%65|%45)(c|%63|%43)(t|%74|%54)(.*)(>|%3e) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3c)(.*)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(.*)(>|%3e) [NC,OR]
    RewriteCond %{QUERY_STRING} (\+|%2b|%20)(d|%64|%44)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR]
    RewriteCond %{QUERY_STRING} (\+|%2b|%20)(i|%69|%49)(n|%6e|%4e)(s|%73|%53)(e|%65|%45)(r|%72|%52)(t|%74|%54)(\+|%2b|%20) [NC,OR]
    RewriteCond %{QUERY_STRING} (\+|%2b|%20)(s|%73|%53)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(c|%63|%43)(t|%74|%54)(\+|%2b|%20) [NC,OR]
    RewriteCond %{QUERY_STRING} (\+|%2b|%20)(u|%75|%55)(p|%70|%50)(d|%64|%44)(a|%61|%41)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR]
    RewriteCond %{QUERY_STRING} (\\x00|(\"|%22|\'|%27)?0(\"|%22|\'|%27)?(=|%3d)(\"|%22|\'|%27)?0|cast(\(|%28)0x|or%201(=|%3d)1) [NC,OR]
    RewriteCond %{QUERY_STRING} (g|%67|%47)(l|%6c|%4c)(o|%6f|%4f)(b|%62|%42)(a|%61|%41)(l|%6c|%4c)(s|%73|%53)(=|\[|%[0-9A-Z]{0,2}) [NC,OR]
    RewriteCond %{QUERY_STRING} (_|%5f)(r|%72|%52)(e|%65|%45)(q|%71|%51)(u|%75|%55)(e|%65|%45)(s|%73|%53)(t|%74|%54)(=|\[|%[0-9A-Z]{0,2}) [NC,OR]
    RewriteCond %{QUERY_STRING} (j|%6a|%4a)(a|%61|%41)(v|%76|%56)(a|%61|%41)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(:|%3a)(.*)(;|%3b|\)|%29) [NC]

    # The page's listing stops after the condition above. The closing rule below
    # is an assumption, not from the page: it terminates the chain and answers
    # matching requests with 403 Forbidden. A last condition left on [OR], or
    # conditions with no RewriteRule, would attach to the next rule in the file.
    RewriteRule .* - [F,L]
</IfModule>
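A way to check rules like these for false positives before deploying them, as an added example that is not part of the original page: it runs five of the listed QUERY_STRING patterns, written with their regex metacharacters backslash-escaped, against constructed query strings, then repeats the run with the backslashes missing from the traversal rule. Python's `re` stands in for mod_rewrite's PCRE matching here, and the rule names, function names and sample strings are assumptions of the example.

```python
import re

# Assumptions: RewriteCond patterns are unanchored searches, [NC] means
# case-insensitive, and %{QUERY_STRING} is tested raw (not URL-decoded),
# which is why the rules carry %xx alternatives.
RESTORED = {
    "scheme":     r"(/|%2f)(:|%3a)(/|%2f)",
    "traversal":  r"(((/|%2f){3,3})|((\.|%2e){3,3})|((\.|%2e){2,2})(/|%2f|%u2215))",
    "sys-files":  r"((boot|win)((\.|%2e)ini)|etc(/|%2f)passwd|self(/|%2f)environ)",
    "sql-select": r"(\+|%2b|%20)(s|%73|%53)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)"
                  r"(c|%63|%43)(t|%74|%54)(\+|%2b|%20)",
    "script-tag": r"(<|%3c)(.*)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)"
                  r"(p|%70|%50)(t|%74|%54)(.*)(>|%3e)",
}
# The same rule set, but with the backslashes lost from the traversal rule,
# as happens when a copy of the file has been passed through slash stripping.
STRIPPED = dict(
    RESTORED,
    traversal=r"(((/|%2f){3,3})|((.|%2e){3,3})|((.|%2e){2,2})(/|%2f|%u2215))",
)

# Constructed samples: (raw query string, should_block)
SAMPLES = [
    ("page=2&sort=date", False),
    ("q=selected+items&v=1.2.3", False),
    ("file=../../etc/passwd", True),
    ("file=%2e%2e%2fconfig", True),
    ("id=1+union+select+password+from+users", True),
    ("q=%3Cscript%3Ealert(1)%3C/script%3E", True),
]

def matched_rules(query, rules):
    """Names of the rules whose pattern is found anywhere in the query."""
    return [name for name, pat in rules.items()
            if re.search(pat, query, re.IGNORECASE)]

def audit(rules, samples=SAMPLES):
    """Return (false positives, false negatives) for a labelled sample set."""
    fp = [q for q, bad in samples if not bad and matched_rules(q, rules)]
    fn = [q for q, bad in samples if bad and not matched_rules(q, rules)]
    return fp, fn

if __name__ == "__main__":
    for label, rules in (("restored", RESTORED), ("stripped", STRIPPED)):
        fp, fn = audit(rules)
        print(f"{label}: false positives={fp} false negatives={fn}")
```

With the escapes in place no benign sample is blocked; once `\.` has become `.`, the `{3,3}` group matches any three characters and every non-trivial query string is rejected.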

Copyright notice: unless otherwise stated, all articles are original to this site.

When reposting, credit the source: https://www.heiqu.com/zywgwx.html