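# Drop any AddType/AddHandler associations inherited for script and markup
# extensions, so files stored in this directory are not handed to an
# interpreter through such a mapping. Handlers assigned with SetHandler
# (for example inside a <FilesMatch> block in the server config) are not
# affected by these two directives.
RemoveType .pl .cgi .php .php3 .php4 .php5 .xml .phtml .phtm .html .htm .wml .shtm .shtml
RemoveHandler .pl .cgi .php .php3 .php4 .php5 .xml .phtml .phtm .html .htm .wml .shtm .shtml
# Turn off automatic directory listings.
# Fixed: the original "Options All -Indexes" mixed a bare keyword with a signed
# one, which Apache 2.4 rejects as a syntax error. It also requested All, which
# includes ExecCGI and Includes. Only the listing switch is kept.
Options -Indexes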

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

# GET and POST: with "Order Deny,Allow" the Deny is evaluated first and the
# Allow last, so the net effect is that every client may use these two methods.
# (Order/Deny/Allow are the Apache 2.2-style access directives.)
<Limit GET POST>
    Order Deny,Allow
    Deny from all
    Allow from all
</Limit>
# PUT and DELETE are refused for every client. Only the methods named here are
# covered; any other method falls outside both <Limit> sections.
<Limit PUT DELETE>
    Order Deny,Allow
    Deny from all
</Limit>
# NOTE(review): without "~" (or <FilesMatch>) the argument below is treated as a
# wildcard string, not a regular expression, so this section presumably does not
# match the image files it names. Confirm the intent before relying on it.
<Files ^(*.jpeg|*.jpg|*.png|*.gif)>
order deny,allow
deny from all
</Files>
# Denies access to a file whose name is exactly "images".
<Files images>
deny from all
</Files>
# Never serve .htaccess, .htpasswd or any other file whose name begins with ".ht".
<FilesMatch "^\.ht">
    Order Allow,Deny
    Deny from all
</FilesMatch>
# Refuse to serve files whose names look like scripts or executables:
#   - ".com", ".exe" or ".lck" anywhere in the name
#   - ".php" or ".asp" as the final extension or followed by a further dot
#     (a double extension such as "name.php.gif")
# One regular expression replaces the separate wildcard sections and matches
# the same names. The match is case-sensitive, and variants such as ".php5" or
# ".phtml" are not covered by this section.
<FilesMatch "\.(com|exe|lck)|\.(php|asp)(\.|$)">
    Deny from all
</FilesMatch>

# Limit the request body size (in bytes) to reduce exposure to DoS attacks
#LimitRequestBody 102400

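# MIME types for mobile content.
# mod_mime keeps one type per extension, so where the original listed an
# extension twice only the later mapping took effect. Those effective mappings
# are kept and the shadowed duplicates dropped.
# The ".php.gif"-style arguments were dropped as well: mod_mime looks up each
# dot-separated part of a file name on its own, so a file such as
# "name.php.gif" is already typed by the plain ".gif" entry.
AddType audio/mpegurl .m3u
AddType text/vnd.wap.wml .wml
AddType application/vnd.wap.wmlc .wmlc
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlscriptc .wmlsc
AddType image/vnd.wap.wbmp .wbmp
AddType application/x-java-archive .jar
AddType text/vnd.sun.j2me.app-descriptor;charset=UTF-8 .jad
AddType application/vnd.symbian.install .sis
AddType video/3gpp .3gp
AddType image/gif .gif
# Fixed: the original "AddType image/jpg .gif .php.jpg" re-mapped .gif to a
# JPEG type, overriding the image/gif entry. The line is assumed to have been
# meant for .jpg files, and the registered type name image/jpeg is used.
AddType image/jpeg .jpg
AddType audio/x-wav .wav
AddType audio/amr .amr
AddType audio/amr-wb .awb
AddType audio/mpeg .mp3
AddType audio/midi .mid .midi
AddType application/vnd.smaf .mmf
AddType application/vnd.mophun.application .mpn .mpc
AddType application/vnd.eri.thm .thm
AddType application/vnd.nok-s40theme .nth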

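#Options -DirList
# Block scripts by file type. The intent appears to be: map the extensions
# below to the cgi-script handler while ExecCGI is off, so that a request for
# such a file is refused rather than executed.
# NOTE(review): several of these extensions also appear in the RemoveHandler
# line at the top of this file; verify on the target server which mapping wins.
# NOTE(review): .mp3 and .htm are in the AddHandler list, so those files would
# be refused as well. Confirm that this is wanted.
# Fixed: the stray "cgi-script" token was removed from RemoveHandler, which
# takes file extensions only.
RemoveHandler .pl .py .cgi
AddHandler cgi-script .mp3 .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi
# Fixed: the original "Options -ExecCGI All Indexes" mixed signed and bare
# keywords, which Apache 2.4 rejects as a syntax error. The bare "All" also
# includes ExecCGI, the opposite of what this block needs. Indexes stays off,
# matching the -Indexes setting at the top of this file.
Options -ExecCGI -Indexes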


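#Auth
# NOTE(review): no AuthUserFile (or other authentication provider) is set in
# this file, and "Satisfy any" lets a request through when EITHER the
# host-based rules OR the login succeeds. With the Order/Allow lines below
# commented out, nothing in this block restricts hosts, so the password prompt
# is presumably never enforced. Confirm whether authentication is meant to be
# active. If it is, a provider line such as
# "AuthUserFile <path-to-password-file>" is needed as well.
AuthType Basic
AuthName localhost
Require valid-user
# Marks requests for the 401 error page and robots.txt with allow_all.
# Fixed: the alternation used the broken-bar character (U+00A6) instead of "|",
# so the pattern could not match either path.
SetEnvIf Request_URI "^/(error/401\.html|robots\.txt)$" allow_all
#Order allow,deny
#Allow from env=allow_all
Satisfy any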


# Rewrite rules (mod_rewrite)
Options +FollowSymlinks
RewriteEngine on

# Aggressive variant, left disabled: every request for a name containing .php,
# .com or .asp would go to index.php (or could go to a single error page).
#RewriteRule ^(.*).php$(.*)$ index.php [L,NE]
#RewriteRule ^(.*).com$(.*)$ index.php [L,NE]
#RewriteRule ^(.*).asp$(.*)$ index.php [L,NE]

# Block bots: requests whose User-Agent starts with "BadBot" are sent to
# another host.
# NOTE(review): "BadBot" and "go.away" look like placeholders. User-Agent is
# supplied by the client, so this only affects clients that announce that name.
RewriteCond %{HTTP_USER_AGENT} ^BadBot
RewriteRule ^(.*)$ http://go.away/

# Force HTTPS (disabled); can be switched off again if it causes errors.
#RewriteCond %{HTTPS} !^on$
#RewriteRule (.*) https://%{HTTP_HOST}/$1 [R]

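# Rules #4a-#4e form one OR chain that ends in a 403 response.
# The conditions see only the raw, still percent-encoded query string and never
# the request body, so treat them as a coarse filter in front of the
# application's own input validation, not as a replacement for it.

# Rule #4a - Block query strings that contain a base64_encode(...) call
# Fixed: the parentheses are escaped. Unescaped, "(.*)" was a group that can
# match nothing, so the condition fired on the bare word base64_encode.
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]

# Rule #4b - Block query strings that include a <script> tag
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]

# Rule #4c - Block attempts to set a PHP GLOBALS variable via the URL
# Fixed: "[" is escaped so that it is a literal alternative. Unescaped, it
# opened a character class whose {0,2} repeat can match nothing, so the
# condition fired on the bare word GLOBALS.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|%[0-9A-Z]{0,2}) [OR]

# Rule #4d - Block attempts to modify a _REQUEST variable via the URL
# Fixed: same escaping correction as rule #4c.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|%[0-9A-Z]{0,2})

# Rule #4e - Answer every request matched above with 403 Forbidden.
# With [F] the substitution (index.php) is not used.
RewriteRule ^(.*)$ index.php [F,L]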

#
# Block query strings that carry a URL or command-style keywords
# (the original heading called this XSS prevention)
#

# One case-insensitive alternation replaces the original OR chain. "http:/"
# already covers "http://..." and "exec" already covers "execu", so the set of
# refused query strings is unchanged. These are plain substring matches: any
# query string containing, for example, "exec" or "concat" gets 403 Forbidden.
RewriteCond %{QUERY_STRING} (http:/|cmd=|&cmd|exec|concat) [NC]
RewriteRule ^.* - [F]

#
# Block common SQL injection markers in the query string
#

# Refuses "UNION [ALL] SELECT" with any run of "%", "2", "0", space, "/", "*"
# or "+" between the keywords, and any query string containing an SQL comment
# delimiter ("/*" or "*/"). Matching is case-insensitive. This is a pattern
# filter on the URL only; parameterized queries in the application remain the
# actual defence.
RewriteCond %{QUERY_STRING} (UNION[%20\ /\*+]*(ALL[%20\ /\*+]*)?SELECT|/\*|\*/) [NC]
RewriteRule ^.* - [F]