aenigme/.htaccess

## .htaccess
### PERISHABLE PRESS 4G BLACKLIST ###

# ESSENTIALS
RewriteEngine on
ServerSignature Off
Options All -Indexes
Options +FollowSymLinks

# FILTER REQUEST METHODS
<IfModule mod_rewrite.c>
 RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
 RewriteRule ^(.*)$ - [F,L]
</IfModule>

# BLACKLIST CANDIDATES
<Limit GET POST PUT>
 Order Allow,Deny
 Allow from all
 Deny from 75.126.85.215   "# blacklist candidate 2008-01-02 = admin-ajax.php attack "
 Deny from 128.111.48.138  "# blacklist candidate 2008-02-10 = cryptic character strings "
 Deny from 87.248.163.54   "# blacklist candidate 2008-03-09 = block administrative attacks "
 Deny from 84.122.143.99   "# blacklist candidate 2008-04-27 = block clam store loser "
 Deny from 210.210.119.145 "# blacklist candidate 2008-05-31 = block _vpi.xml attacks "
 Deny from 66.74.199.125   "# blacklist candidate 2008-10-19 = block mindless spider running "
 Deny from 203.55.231.100  "# 1048 attacks in 60 minutes"
 Deny from 24.19.202.10    "# 1629 attacks in 90 minutes"
</Limit>

# QUERY STRING EXPLOITS
<IfModule mod_rewrite.c>
 RewriteCond %{QUERY_STRING} \.\.\/    [NC,OR]
 RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
 RewriteCond %{QUERY_STRING} tag\=     [NC,OR]
 RewriteCond %{QUERY_STRING} ftp\:     [NC,OR]
 RewriteCond %{QUERY_STRING} http\:    [NC,OR]
 RewriteCond %{QUERY_STRING} https\:   [NC,OR]
 RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|'|"|;|\?|\*).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]
 RewriteRule ^(.*)$ - [F,L]
</IfModule>

# CHARACTER STRINGS
<IfModule mod_alias.c>
 # BASIC CHARACTERS
 RedirectMatch 403 \,
 RedirectMatch 403 \:
 RedirectMatch 403 \;
 RedirectMatch 403 \=
 RedirectMatch 403 \@
 RedirectMatch 403 \[
 RedirectMatch 403 \]
 RedirectMatch 403 \^
 RedirectMatch 403 \`
 RedirectMatch 403 \{
 RedirectMatch 403 \}
 RedirectMatch 403 \~
 RedirectMatch 403 \"
 RedirectMatch 403 \$
 RedirectMatch 403 \<
 RedirectMatch 403 \>
 RedirectMatch 403 \|
 RedirectMatch 403 \.\.
 RedirectMatch 403 \/\/
 RedirectMatch 403 \%0
 RedirectMatch 403 \%A
 RedirectMatch 403 \%B
 RedirectMatch 403 \%C
 RedirectMatch 403 \%D
 RedirectMatch 403 \%E
 RedirectMatch 403 \%F
 RedirectMatch 403 \%22
 RedirectMatch 403 \%27
 RedirectMatch 403 \%28
 RedirectMatch 403 \%29
 RedirectMatch 403 \%3C
 RedirectMatch 403 \%3E
 RedirectMatch 403 \%3F
 RedirectMatch 403 \%5B
 RedirectMatch 403 \%5C
 RedirectMatch 403 \%5D
 RedirectMatch 403 \%7B
 RedirectMatch 403 \%7C
 RedirectMatch 403 \%7D
 # COMMON PATTERNS
 Redirectmatch 403 \_vpi
 RedirectMatch 403 \.inc
 Redirectmatch 403 xAou6
 Redirectmatch 403 db\_name
 Redirectmatch 403 select\(
 Redirectmatch 403 convert\(
 Redirectmatch 403 \/query\/
 RedirectMatch 403 ImpEvData
 Redirectmatch 403 \.XMLHTTP
 Redirectmatch 403 proxydeny
 RedirectMatch 403 function\.
 Redirectmatch 403 remoteFile
 Redirectmatch 403 servername
 Redirectmatch 403 \&rptmode\=
 Redirectmatch 403 sys\_cpanel
 RedirectMatch 403 db\_connect
 RedirectMatch 403 doeditconfig
 RedirectMatch 403 check\_proxy
 Redirectmatch 403 system\_user
 Redirectmatch 403 \/\(null\)\/
 Redirectmatch 403 clientrequest
 Redirectmatch 403 option\_value
 RedirectMatch 403 ref\.outcontrol
 # SPECIFIC EXPLOITS
 RedirectMatch 403 errors\.
 RedirectMatch 403 config\.
 RedirectMatch 403 include\.
 RedirectMatch 403 display\.
 RedirectMatch 403 register\.
 Redirectmatch 403 password\.
 RedirectMatch 403 maincore\.
 RedirectMatch 403 authorize\.
 Redirectmatch 403 macromates\.
 RedirectMatch 403 head\_auth\.
 RedirectMatch 403 submit\_links\.
 RedirectMatch 403 change\_action\.
 Redirectmatch 403 com\_facileforms\/
 RedirectMatch 403 admin\_db\_utilities\.
 RedirectMatch 403 admin\.webring\.docs\.
 Redirectmatch 403 Table\/Latest\/index\.
</IfModule>
	### PERISHABLE PRESS 4G BLACKLIST ###

	# ESSENTIALS
	RewriteEngine on
	ServerSignature Off
	Options All -Indexes
	Options +FollowSymLinks

	# FILTER REQUEST METHODS
	<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_METHOD} ^(TRACE\|DELETE\|TRACK) [NC]
	RewriteRule ^(.*)$ - [F,L]
	</IfModule>

	# BLACKLIST CANDIDATES
	<Limit GET POST PUT>
	Order Allow,Deny
	Allow from all
	Deny from 75.126.85.215 "# blacklist candidate 2008-01-02 = admin-ajax.php attack "
	Deny from 128.111.48.138 "# blacklist candidate 2008-02-10 = cryptic character strings "
	Deny from 87.248.163.54 "# blacklist candidate 2008-03-09 = block administrative attacks "
	Deny from 84.122.143.99 "# blacklist candidate 2008-04-27 = block clam store loser "
	Deny from 210.210.119.145 "# blacklist candidate 2008-05-31 = block _vpi.xml attacks "
	Deny from 66.74.199.125 "# blacklist candidate 2008-10-19 = block mindless spider running "
	Deny from 203.55.231.100 "# 1048 attacks in 60 minutes"
	Deny from 24.19.202.10 "# 1629 attacks in 90 minutes"
	</Limit>

	# QUERY STRING EXPLOITS
	<IfModule mod_rewrite.c>
	RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
	RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
	RewriteCond %{QUERY_STRING} tag\= [NC,OR]
	RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
	RewriteCond %{QUERY_STRING} http\: [NC,OR]
	RewriteCond %{QUERY_STRING} https\: [NC,OR]
	RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
	RewriteCond %{QUERY_STRING} ^.(\[\|\]\|\(\|\)\|<\|>\|'\|"\|;\|\?\|\).* [NC,OR]
	RewriteCond %{QUERY_STRING} ^.(%22\|%27\|%3C\|%3E\|%5C\|%7B\|%7C). [NC,OR]
	RewriteCond %{QUERY_STRING} ^.(%0\|%A\|%B\|%C\|%D\|%E\|%F\|127\.0). [NC,OR]
	RewriteCond %{QUERY_STRING} ^.(globals\|encode\|config\|localhost\|loopback). [NC,OR]
	RewriteCond %{QUERY_STRING} ^.(request\|select\|insert\|union\|declare\|drop). [NC]
	RewriteRule ^(.*)$ - [F,L]
	</IfModule>

	# CHARACTER STRINGS
	<IfModule mod_alias.c>
	# BASIC CHARACTERS
	RedirectMatch 403 \,
	RedirectMatch 403 \:
	RedirectMatch 403 \;
	RedirectMatch 403 \=
	RedirectMatch 403 \@
	RedirectMatch 403 \[
	RedirectMatch 403 \]
	RedirectMatch 403 \^
	RedirectMatch 403 \`
	RedirectMatch 403 \{
	RedirectMatch 403 \}
	RedirectMatch 403 \~
	RedirectMatch 403 \"
	RedirectMatch 403 \$
	RedirectMatch 403 \<
	RedirectMatch 403 \>
	RedirectMatch 403 \\|
	RedirectMatch 403 \.\.
	RedirectMatch 403 \/\/
	RedirectMatch 403 \%0
	RedirectMatch 403 \%A
	RedirectMatch 403 \%B
	RedirectMatch 403 \%C
	RedirectMatch 403 \%D
	RedirectMatch 403 \%E
	RedirectMatch 403 \%F
	RedirectMatch 403 \%22
	RedirectMatch 403 \%27
	RedirectMatch 403 \%28
	RedirectMatch 403 \%29
	RedirectMatch 403 \%3C
	RedirectMatch 403 \%3E
	RedirectMatch 403 \%3F
	RedirectMatch 403 \%5B
	RedirectMatch 403 \%5C
	RedirectMatch 403 \%5D
	RedirectMatch 403 \%7B
	RedirectMatch 403 \%7C
	RedirectMatch 403 \%7D
	# COMMON PATTERNS
	Redirectmatch 403 \_vpi
	RedirectMatch 403 \.inc
	Redirectmatch 403 xAou6
	Redirectmatch 403 db\_name
	Redirectmatch 403 select\(
	Redirectmatch 403 convert\(
	Redirectmatch 403 \/query\/
	RedirectMatch 403 ImpEvData
	Redirectmatch 403 \.XMLHTTP
	Redirectmatch 403 proxydeny
	RedirectMatch 403 function\.
	Redirectmatch 403 remoteFile
	Redirectmatch 403 servername
	Redirectmatch 403 \&rptmode\=
	Redirectmatch 403 sys\_cpanel
	RedirectMatch 403 db\_connect
	RedirectMatch 403 doeditconfig
	RedirectMatch 403 check\_proxy
	Redirectmatch 403 system\_user
	Redirectmatch 403 \/\(null\)\/
	Redirectmatch 403 clientrequest
	Redirectmatch 403 option\_value
	RedirectMatch 403 ref\.outcontrol
	# SPECIFIC EXPLOITS
	RedirectMatch 403 errors\.
	RedirectMatch 403 config\.
	RedirectMatch 403 include\.
	RedirectMatch 403 display\.
	RedirectMatch 403 register\.
	Redirectmatch 403 password\.
	RedirectMatch 403 maincore\.
	RedirectMatch 403 authorize\.
	Redirectmatch 403 macromates\.
	RedirectMatch 403 head\_auth\.
	RedirectMatch 403 submit\_links\.
	RedirectMatch 403 change\_action\.
	Redirectmatch 403 com\_facileforms\/
	RedirectMatch 403 admin\_db\_utilities\.
	RedirectMatch 403 admin\.webring\.docs\.
	Redirectmatch 403 Table\/Latest\/index\.
	</IfModule>