-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
executable file
·41 lines (37 loc) · 1.52 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
###ENVIRONMENT VARAIBLES
SetEnv PZPHP_ENVIRONMENT local
###BASIC CONFIG
Options -Indexes +FollowSymLinks
ServerSignature Off
IndexIgnore *
RewriteEngine on
###HTACCESS PROTECTION
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
##CATCHALL FOR ROUTING
####enable it if you plan to use the Routing Module
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* bootstrap.php [NC]
###INJECTION PREVENTION
####these catches are disabled by default
####feel free to uncomment them as you see fit
#RewriteCond %{QUERY_STRING} (\"|%22).*(\>|%3E|<|%3C).* [NC]
#RewriteRule ^(.*)$ bootstrap.php?action=htaccessProtection [NC]
#RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC]
#RewriteRule ^(.*)$ bootstrap.php?action=htaccessProtection [NC]
#RewriteCond %{QUERY_STRING} (javascript:).*(\;).* [NC]
#RewriteRule ^(.*)$ bootstrap.php?action=htaccessProtection [NC]
#RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
#RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
#RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
#RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
#RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
#RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
#RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
#RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
#RewriteRule ^(.*)$ bootstrap.php?action=htaccessProtection [NC]
#RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
#RewriteRule .* bootstrap.php?action=htaccessProtection [NC]