UnixServerAdmin

Server Administration & Management

How to stop website to get injected from hackers using .htaccess

In now a days its very easy to inject any forum.You can secure your forum by using following code in your .htaccess

# Worm sign
BrowserMatchNoCase SpammerRobot bad_bot
BrowserMatchNoCase SecurityHoleRobot bad_bot

# spam bots
SetEnvIfNoCase User-Agent “^EmailSiphon” bad_bot
SetEnvIfNoCase User-Agent “^EmailWolf” bad_bot
SetEnvIfNoCase User-Agent “^ExtractorPro” bad_bot
SetEnvIfNoCase User-Agent “^CherryPicker” bad_bot
SetEnvIfNoCase User-Agent “^NICErsPRO” bad_bot
SetEnvIfNoCase User-Agent “^Teleport” bad_bot
SetEnvIfNoCase User-Agent “^EmailCollector” bad_bot

# plagarism bot
SetEnvIfNoCase User-Agent “^TurnitinBot” bad_bot

# IP bot
SetEnvIfNoCase User-Agent “^NPBot” bad_bot

# Worm sign
SetEnvIfNoCase User-Agent “^LWP::Simple” bad_bot
SetEnvIfNoCase User-Agent “^lwp-trivial” bad_bot
SetEnvIfNoCase User-Agent “^lwp” bad_bot
SetEnvIfNoCase User-Agent “^LWP” bad_bot

# Anti-Clickjacking Defence
Header append X-FRAME-OPTIONS “DENY”

# Worm sign
Order Deny,Allow
Deny from env=bad_bot

Advertisements

April 28, 2012 - Posted by | htaccess, Security | , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: