.htaccess Generator

[eUKhost.com]

Found this helpful website on the web for generation of .htaccess

htaccess Generator

It seems to be very helpful for someone like me who has no knowledge of web development. You can generate a .htaccess file for rewrite rules, redirects, Map Folder To Script, Custom Error Documents, Rewrite Condition, Protect System Files, File Cache Control, Additional Mime Types, File Extensions, Default Page & Authentication.

I hope this will help everyone over here and me as well

[shadows]

yeah, i saw that website lil time ago..when i tried to make it work and hadn't cpanel yeah.. hmm there are plenty other ways too..1.get cpanel 2.get plesk 3. get other panel 4. other other panel lol yeah

Thanks

[andreea360]

Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

Thanks

__________________
Technology Transfer Company: http://www.yissum.co.il/

[eUKhost.com]

[QUOTE=andreea360;28787]Can I somehow comment (remark) out lines in my .htaccess file so that I can see them but they have no effect? I would like to document where some sections of the file came from, why, how to use them, and what they do.

Thanks

__________________

Yes. You need to add "#" infront of respective line to comment it.

[mobile_walls]

I would like to share some lines that are very useful against vulnerability and could make higher load to your site

Code:

# prevent access from santy webworm a-e 
RewriteCond %{QUERY_STRING} ^(.*)highlight=\%2527 [OR]
RewriteCond %{QUERY_STRING} ^(.*)echr(.*) [OR] 
RewriteCond %{QUERY_STRING}% s:(.*)252echr [OR]
RewriteCond %{QUERY_STRING} ^(.*)esystem(.*) [OR]
RewriteCond %{QUERY_STRING} ^(.*)rush=\%65\%63\%68 [OR] 
RewriteCond %{QUERY_STRING} ^(.*)rush=echo [OR] 
RewriteCond %{QUERY_STRING} ^(.*)wget\%20 [OR] 
RewriteCond %{QUERY_STRING}% s:(.*)wget
RewriteRule ^.*$ http://127.0.0.1/ [R,L] 

# prevent pre php 4.3.10 bug 
RewriteCond %{HTTP_COOKIE}% s:(.*):\%22test1\%22\%3b 
RewriteRule ^.*$ http://127.0.0.1/ [R,L]  

# this ruleset is to "stop" stupid attempts to use MS IIS Web Server expolits on us
# NIMDA
RewriteCond %{REQUEST_URI} /(admin|cmd|httpodbc|nsiislog|root|shell)\.(dll|exe) [NC]
RewriteRule .* - [F,L]

# CODERED
RewriteCond %{REQUEST_URI} /default\.(ida|idq)$ [NC,OR]
RewriteCond %{REQUEST_URI} /.*\.printer$ [NC]
RewriteRule .* - [F,L]

# IE's "make available offline" mode
RewriteCond %{HTTP_USER_AGENT} MSIECrawler [OR]

# unknown bot
RewriteCond %{HTTP_USER_AGENT} ^NG [OR]

# You may want to enable these lines below to disallow php and perl scripts to access your site
 RewriteCond %{HTTP_USER_AGENT} ^.*PHP.*$ [OR]
 RewriteCond %{HTTP_USER_AGENT} ^.*libwww-perl [NC,OR]

# Ignorant user trying to edit my website hosting
RewriteCond %{HTTP_USER_AGENT} FrontPage [OR]
#this one will ban everything microsoft. Use with caution.
RewriteCond %{HTTP_USER_AGENT} ^(Microsoft|MFC).(Data|URL|WebDAV|Foundation).(Access|Control|MiniRedir|Class) [NC,OR]

# MSOffice
RewriteCond %{REQUEST_URI} ^/(MSOffice|_vti) [NC,OR]

# Various
RewriteCond %{REQUEST_URI} ^/(bin/|cgi/|cgi\-local/|cgi\-bin/|sumthin) [NC,OR]
RewriteCond %{THE_REQUEST} ^GET\ http [NC,OR]
RewriteCond %{REQUEST_URI} /sensepost\.exe [NC,OR]
RewriteCond %{REQUEST_METHOD}!^(GET|HEAD|POST) [NC,OR]

# Cyveillance is a spybot that scours the web for copyright violations and ?damaging information? on
# behalf of clients such as the RIAA and MPAA. Their robot spoofs its User-Agent to look like Internet
# Explorer, and it completely ignores robots.txt. I have
# banned it by IP address.
RewriteCond %{REMOTE_ADDR} ^63\.148\.99\.2(2[4-9]|[34][0-9]|5[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^63\.226\.3[34]\. [OR]
RewriteCond %{REMOTE_ADDR} ^63\.212\.171\.161$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.118\.41\.(19[2-9]|2[01][0-9]|22[0-3])$ [OR]

# NameProtect peddles their ?online brand monitoring? to unsuspecting and gullible companies
# looking for people to sue. Despite the claims on their robot information page, they do not
# respect robots.txt; in fact, they spoof their User-Agent in multiple ways to avoid detection.
# I have banned them by User-Agent and IP address.
RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot	[NC,OR]

# Web Content International
RewriteCond %{REMOTE_ADDR} ^65\.102\.12\.2(2[4-9]|3[01])$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.102\.17\.(3[2-9]|[4-6][0-9]|7[01]|8[89]|9[0-5]|10[4-9]|11[01])$ [OR]
RewriteCond %{REMOTE_ADDR} ^65\.102\.23\.1(5[2-9]|6[0-7])$ [OR]

# dumb bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0$" [OR]

# Wordtracker
RewriteCond %{REMOTE_ADDR} ^128\.242\.197\.101$ [OR]

# Unknown
# unknown.Level3.net
RewriteCond %{REMOTE_ADDR} ^64\.156\.198\.(6[89]|7[0-9]|80)$ [OR]

# host25x.keebler.com
RewriteCond %{REMOTE_ADDR} ^65\.223\.250\.25[0-3]$ [OR]

# Turnitin spybot
RewriteCond %{REMOTE_ADDR} ^64\.140\.49\.6([6-9])$ [OR]
RewriteCond %{HTTP_USER_AGENT} TurnitinBot [OR]

# this ruleset is for formmail script abusers...
# we don't use Perl for Postnuke so this is not really needed.
RewriteCond %{REQUEST_URI} (mail.?form|form|form.?mail|mail|mailto)\.(cgi|exe|pl)$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FileHound.*$
RewriteRule .* - [F,L]

# dumb bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/3.0$" 
RewriteRule .* - [F,L]

<FILES .htaccess>
order allow,deny 
deny from all
</FILES>

Hope this help

[Davidpoul]

I check the site and I notice that it help me lot. Thank for this

[_Chris_]

That looks good. It would also be good that no-one else could edit the htaccess - what is the best way of ensuring that ? How safe and secure, is :

<FILES .htaccess>
order allow,deny
deny from all
</FILES>

[digi1001]

Thanks for the tip. Would using the rules in the post by _Chris_ above, compromise security?

[_Chris_]

Yep, I would like to know as well.

[Murakami]

Explain me please what is htaccess generator?

[Ben Stones]

Explain me please what is htaccess generator?

It allows you to easily create .htaccess rules for .htaccess files that are usually placed in the root website folder (i.e. on cPanel this would be the public_html or www folder). .htaccess can be used to block specific IPs from accessing a particular folder (or your entire website) and much much more.

For more information on .htaccess, read: .htaccess - Wikipedia, the free encyclopedia