From 4d60153fe2cb27353b82662ce1c4405a4a98a391 Mon Sep 17 00:00:00 2001
From: Cameron
Date: Tue, 5 Feb 2013 11:07:57 -0800
Subject: [PATCH] A few more security-related entries added.
---
 e107.htaccess | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)
diff --git a/e107.htaccess b/e107.htaccess
index 06a448a10..5af85c4e5 100644
--- a/e107.htaccess
+++ b/e107.htaccess
@@ -7,38 +7,49 @@ ErrorDocument 500 /error.php?500
+### Performance
+ AddDefaultCharset utf-8
+
+### Security
+ ServerSignature Off
+
 # secure htaccess file
-order allow,deny
-deny from all
+ order allow,deny
+ deny from all
 # protect e107_config.php
-order allow,deny
-deny from all
+ order allow,deny
+ deny from all
-# Block Bad Bots
-# SetEnvIfNoCase ^User-Agent$ .*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures) HTTP_SAFE_BADBOT
-# SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
-# Deny from env=HTTP_SAFE_BADBOT
+### Block Bad Bots
+ SetEnvIfNoCase ^User-Agent$ .*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures) HTTP_SAFE_BADBOT
+ SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
+ Deny from env=HTTP_SAFE_BADBOT
-# Disable directory browsing
-Options All -Indexes
+### Disable directory listing
+ Options All -Indexes
-# limit file uploads to 10mb
-# LimitRequestBody 10240000
+### limit file uploads to 10mb
+### LimitRequestBody 10240000
 ### enable rewrites
 Options +FollowSymLinks
 RewriteEngine On
+
 ### Set this to your e107 site root, path relative to web root
 ### Uncomment it in case your server isn't able to rewrite proper
 #RewriteBase /
+
+### Allow only GET and POST methods
+ RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
+ RewriteRule .* - [F]
 ### send 404 on missing files in these folders
 RewriteCond %{REQUEST_URI} !^/(e107_images|e107_files)/
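Review bot: The comment `### Allow only GET and POST methods` does not match the rule beneath it: `RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)` is a denylist, so PUT, DELETE, CONNECT and any other verb still reach the application, while HEAD, which monitors, caches and link checkers rely on, is refused with 403. An allowlist states the intent directly, for example `RewriteCond %{REQUEST_METHOD} !^(GET|POST|HEAD)$`, dropping HEAD from the list only if that is deliberate. In the same hunk, `Options All -Indexes` mixes an unsigned keyword with a signed one, which Apache 2.4 rejects as a syntax error (a 500 when it comes from .htaccess), and `All` also turns on ExecCGI and Includes; `Options -Indexes` is enough to disable listings. The newly enabled bad-bot rules match substrings such as `download` and `collector` anywhere in the User-Agent, so they can refuse legitimate clients and depend on a header the client controls; the comment should describe them as noise reduction and not as access control.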