[BlueOnyx:13361] Re: SSL & Joomla

Will Nordmeyer will at wnahosting.com
Tue Jul 16 09:19:21 -05 2013 

On Tue, 16 Jul 2013 10:01:21 -0400, "Richard C. Barker Sr."
<admin at probass.com> wrote:
> this is the complete sitexx.include
> 
> <Directory /home/.sites/xxx/sitexx/web/>
> php_flag display_errors Off
> AllowOverride All
> ## Options All
> php_flag register_globals off
> php_flag magic_quotes_gpc on
> ## Can be commented out if causes errors, see notes above.
> ##Options +FollowSymLinks
> 
> 
> ## mod_rewrite in use
> 
> RewriteEngine On
> 
> # Block out any script trying to set a mosConfig value through the URL
> RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
> # Block out any script trying to base64_encode crap to send via URL
> RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
> # Block out any script that includes a <script> tag in URL
> RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
> # Block out any script trying to set a PHP GLOBALS variable via URL
> RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
> # Block out any script trying to modify a _REQUEST variable via URL
> RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
> # Send all blocked request to homepage with 403 Forbidden error!
> RewriteRule ^(.*)$ index.php [F,L]
> 
> # RewriteBase /
> 
> 
> ########## Begin - Joomla! core SEF Section
> #
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_URI} !^/index.php
> RewriteCond %{REQUEST_URI} 
> (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
> RewriteRule (.*) index.php
> RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
> #
> ########## End - Joomla! core SEF Section
> 
> RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot at yahoo.com [OR]
> RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
> RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
> RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
> RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
> RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
> RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
> RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
> RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
> RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
> RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
> RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
> RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
> RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
> RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
> RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
> RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
> RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
> RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
> RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
> RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
> RewriteCond %{HTTP_USER_AGENT} ^MS\ FrontPage [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
> RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
> RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
> RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
> RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
> RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
> RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
> RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
> RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
> RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
> RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
> RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
> RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
> RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
> RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
> RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
> RewriteCond %{HTTP_USER_AGENT} ^webbandit [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
> RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
> RewriteCond %{HTTP_USER_AGENT} ^Zeus [OR]
> RewriteCond %{HTTP_USER_AGENT} ^YandexBot [OR]
> RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
> RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget) [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} ^Nikto/2.1.4 [OR]
> RewriteCond %{HTTP_USER_AGENT} ^(X11|Smetrics) [OR]
> RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [OR]
> RewriteCond %{HTTP_USER_AGENT} 
> (winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) 
> [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} (libwww-perl|curl|wget|python|nikto|scan) 
> [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} (<|>|Â’|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
> RewriteCond %{HTTP_USER_AGENT} ^ZmEu
> ## Note: The final RewriteCond must NOT use the [OR] flag.
> 
> ## Return 403 Forbidden error.
> RewriteRule .* - [F]
> </Directory>

Are all these rewrite rules preventing spambots or other problems?

More information about the Blueonyx mailing list