Forked from muhammad-owais-javed/OS-GreymonSheet.sh
Created
November 23, 2021 07:57
-
-
Save hien/5dfc2ca00cd69c49fa9c254a70f67f0e to your computer and use it in GitHub Desktop.
Scripts, Commands, Configurations, Package Deployments and Apache .htaccess rules particularly as per Cloudways stack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #OS-GreymonSheet | |
| #For switching to Master user | |
| for user in $(cat /etc/passwd | grep master | awk -F : '{print $1}'); do su $user; done | |
| #For Finding application with corresponging domain name | |
| grep -lr "domain.com" */conf/* | |
| #For checking apache logs of every application in Cloudways | |
| for A in $(ls -l /home/master/applications/| grep "^d" | awk '{print $NF}'); do echo $A && awk '{print $1,$7}' /home/master/applications/$A/logs/apache_*.access.log | cut -d? -f1 | sort | uniq -c |sort -nr | head -n 5 | awk -F";" '{print $1}' ; done | |
| #Summarizing or sorting logs for finding Directory or Pages facing Attack or bulk amount of traffic: | |
| zcat apache_*.access.log.*.gz | awk '{ print $1,$7 }' | sort -n | uniq -c | sort -nr | head -20 | |
| #For checking apache logs of single application in Cloudways | |
| for A in $(ls | awk '{print $NF}'); do echo $A && cat $A/logs/apache_*.access.log | cut -f 1 -d ' '|sort|uniq -c|sort -nr| head -n 15 | awk -F";" '{print $1}' ; done | |
| #Checking for the IP's Performing DDOS attack. | |
| netstat -ntu|awk '{print $5}'| cut -d: -f1 -s | sort| uniq -c| sort -nk1 -r | |
| #For separating bots list from log file | |
| awk -F ';' '/bot/ {print $2}' apache_wordpress-xxxxxx-xxxxxx.cloudwaysapps.com.access.log | |
| #Separating Domain Names From server.nginx | |
| #In General | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g' | uniq | |
| <!-- For Priniting with Line Numbers --!> | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g' | uniq | nl | |
| #In Cloudways | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq | |
| w<!-- For Priniting with Line Numbers --!> | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq | nl | |
| "NF = A predefined variable whose value is the number of fields in the current record. | |
| Awk automatically updates the value of NF each time it reads a record. | |
| In Sed, 's/' is for search and replace, '/g' is for global and will effect all the occurence. | |
| nl = For printing output with line numbers" | |
| #Separating Domain Names From server.nginx and checking DNS Records for that | |
| #In General | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g' | uniq | xargs dig @8.8.8.8 +noall +question +answer ANY | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g'| uniq | xargs -L 1 host | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g'| uniq > /var/tmp/servernames && dig @8.8.8.8 -f /var/tmp/servernames +noall +answer ANY | |
| #In Cloudways and removing #UI_Domain_alias | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq | xargs dig @8.8.8.8 +noall +question +answer ANY | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq | xargs -L 1 host | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq > /var/tmp/servernames && dig @8.8.8.8 -f /var/tmp/servernames +noall +answer ANY | |
| "xargs will take argument from the previous command run. | |
| We have defined nameserver because default nameserver in Cloudways doesnot allow type "ANY" query." | |
| #Separating domain names from server.nginx whose DNS A Records are not pointing anywhere else | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed 's/\;//g'| uniq | xargs -L 1 host | awk {'if ($1=="Host")print $2'} | |
| #If want to remove #UI_Domain_alias | |
| awk '{for(i=2;i<=NF;++i)print $i}' server.nginx | sed -e 's/\;//g' -e 's/\#UI_Domain_alias//g' | uniq | xargs -L 1 host | awk {'if ($1=="Host") print $2'} | |
| "xargs will take argument from the previous command run and -L is specifying to read one line at a time." | |
| #Searching for single plugin in all applications on server | |
| for i in $(find /home/master/applications/*/public_html/wp-content/plugins/ -maxdepth 1 -type d | grep "<plugin-name>"| cut -d "/" -f5); do echo $i && cat /home/master/applications/$i/conf/server.nginx | grep server_name | grep -v Domain_alias | awk -F";" '{print $1}' ; done 2>/dev/null | |
| #Searching for more than one plugin in applications on server | |
| for i in $(find /home/master/applications/*/public_html/wp-content/plugins/ -maxdepth 1 -type d | grep "<plugin-name>\|<plugin-name>\|<plugin-name>"| cut -d "/" -f5); do echo $i && cat /home/master/applications/$i/conf/server.nginx | grep server_name | grep -v Domain_alias | awk -F";" '{print $1}' ; done 2>/dev/null | |
| #For app specific bandwidth (Tx) calculation. To be run inside application's log directory; | |
| for i in {30..0};do zcat -f *_*.access.log*| awk -v day="$(date --date="$i days ago" '+%d/%b/%Y')" '$4 ~ day {sum += $10} END {print day, sum/1024/1024 " MB"}';done | |
| #For checking SWAP usage of each process | |
| for file in /proc/*/status ; do awk '/VmSwap|Name/{printf $2 " " $3}END{ print ""}' $file; done | sort -nrk 2 | |
| #'Command to find banned IPs in Fail2ban | |
| fail2ban-client status | grep “Jail list:” | sed “s/ //g” | awk ‘{split($2,a,”,”);for(i in a) system(“fail2ban-client status ” a[i])}’ | grep ‘IP list’ | |
| #Script for whitelisting all IP's that were enlisted in fail2ban | |
| #!/bin/bash | |
| for JAIL in $(fail2ban-client status | grep 'Jail list:' | awk 'BEGIN {FS="\t"} {print $2}' | sed 's/, / /g') | |
| do | |
| for IP in $(fail2ban-client status ${JAIL} | grep 'Banned IP list:' | awk 'BEGIN {FS="\t"} {print $2}' | sed 's/ /\n/g') | |
| do | |
| fail2ban-client set ${JAIL} unbanip ${IP} | |
| done | |
| done | |
| unset JAIL IP | |
| exit 0 | |
| #***************************Nodejs, NPM, NVM***************************# | |
| #Dfault bash aliase file for nvm (Either leave it empty or add following rules) | |
| vi /home/master/.bash_aliases | |
| export PATH='/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/home/master/bin/npm:/home/master/bin/npm:/home/master/bin/npm:/home/master/bin/npm:/home/master/bin/npm' | |
| export NODE_PATH=':/home/master/bin/npm/lib/node_modules:/home/master/bin/npm/lib/node_modules:/home/master/bin/npm/lib/node_modules:/home/master/bin/npm/lib/node_modules:/home/master/bin/npm/lib/node_modules' | |
| export NVM_DIR="$HOME/.nvm" | |
| [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm | |
| [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion | |
| #Updating NodeJs Version | |
| #Version 10.0.0 | |
| curl https://gist.githubusercontent.com/cloudways-haider/f7cb6627f6674c263624589d360e12b4/raw/9d0b2c78ace5b7b2dedb411e9d676129e34b470a/nvm_install.sh | bash | |
| source ~/.bashrc | |
| nvm install 10.0.0 | |
| #Version 12.0.0 | |
| curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash | |
| source ~/.bashrc | |
| nvm install 12.0.0 | |
| #Version 14.13.1 | |
| curl https://gist.githubusercontent.com/cloudways-haider/f7cb6627f6674c263624589d360e12b4/raw/9d0b2c78ace5b7b2dedb411e9d676129e34b470a/nvm_install.sh | bash | |
| source ~/.bashrc | |
| nvm install 14.13.1 | |
| #If it still shows older version | |
| #Add this line at the last of .bash_aliases for corresponding version | |
| vi /home/master/.bash_aliases | |
| nvm use --delete-prefix v14.13.1 --silent | |
| #For updating NPM version | |
| npm install -g npm@latest | |
| #Install pm2 | |
| cd && echo "alias pm2='/home/master/bin/npm/lib/node_modules/bin/pm2'" >> .bash_aliases | |
| npm install pm2@latest -g | |
| #Install expo-cli | |
| npm install -g expo-cli | |
| #If error occurs in the installation and unable to debug | |
| apt-get purge nodejs | |
| rm -rf /usr/lib/node_modules/* | |
| echo > /home/master/.bash_aliases | |
| apt-get install nodejs | |
| cd /home/master/ | |
| "Now attempt to install node, nvm, pm2 with master user" | |
| "If error occurs, install it with root user and then change ownership of /usr/lib/node_modules for master user" | |
| #*******************************************************************# | |
| #****************************** Composer ******************************# | |
| #For changing Composer version (Root access required) | |
| composer self-update 2.0.3 | |
| #Downgrading Composer Version | |
| composer self-update 1.10.19 -r | |
| composer self-update 1.10.19 | |
| #If wish to keep both versions, then it can be install through master user | |
| #Composer 1 | |
| cd /home/master/ && wget https://getcomposer.org/download/1.10.17/composer.phar | |
| chmod +x composer.phar | |
| mv composer.phar composer | |
| /home/master/composer --version | |
| #Composer 2 | |
| cd /home/master/ && wget https://getcomposer.org/download/2.0.8/composer.phar | |
| chmod +x composer.phar | |
| mv composer.phar composer | |
| /home/master/composer --version | |
| #************************************************************************# | |
| #Restarting webstack services | |
| service apache2 restart | |
| service nginx restart | |
| service mysql restart | |
| /etc/init.d/php7.0-fpm restart | |
| /etc/init.d/php7.1-fpm restart | |
| /etc/init.d/php7.2-fpm restart | |
| /etc/init.d/php7.3-fpm restart | |
| /etc/init.d/php7.4-fpm restart | |
| /etc/init.d/php8.0-fpm restart | |
| service varnish restart | |
| /etc/init.d/memcached restart | |
| redis-cli flushall | |
| #For restoring deleted application | |
| /var/cw/scripts/bash/duplicity_restore.sh --src dbname -c | |
| /var/cw/scripts/bash/duplicity_restore.sh --src dbname -r --dst '/home/master/applications/dbname/tmp' --time "1996-08-01T05:30:00" | |
| #DRY RUN SSL | |
| /usr/local/bin/letsencrypt-auto certonly --dry-run --text --non-interactive --webroot -w /home/master/applications/app_name/public_html/ -d domain.com --no-self-upgrade | |
| #For checking lets encrypt version | |
| /usr/local/bin/letsencrypt-auto --version --no-self-upgrade | |
| #Installting phpmyadmin on cloudways | |
| wget https://files.phpmyadmin.net/phpMyAdmin/5.0.4/phpMyAdmin-5.0.4-all-languages.zip | |
| unzip phpMyAdmin-5.0.4-all-languages.zip | |
| mv phpMyAdmin-5.0.4-all-languages phpmyadmin | |
| #Installing Drush | |
| wget -O drush.phar https://github.com/drush-ops/drush-launcher/releases/download/0.6.0/drush.phar | |
| chmod +x drush.phar | |
| mv drush.phar /usr/local/bin/drush | |
| #Installing AWS-CLI | |
| curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
| unzip awscliv2.zip | |
| sudo ./aws/install | |
| #For installing Clamav | |
| http://www.clamav.net/download.html | |
| apt-get install clamav | |
| freshclam | |
| touch /var/log/freshclam.log | |
| chmod 600 /var/log/freshclam.log | |
| chown clamav /var/log/freshclam.log | |
| vi /etc/clamav/freshclam.conf | |
| UpdateLogFile /var/log/clamav/freshclam.log | |
| UpdateLogFile /var/log/freshclam.log | |
| clamscan -r public_html | |
| #For insalling phonetic and icu | |
| bin/elasticsearch-plugin install analysis-phonetic | |
| bin/elasticsearch-plugin install analysis-icu | |
| #Bandwidth Monitoring Tool | |
| wget -c https://github.com/raboof/nethogs/archive/v0.8.1.tar.gz | |
| tar xf v0.8.1.tar.gz | |
| cd ./nethogs-0.8.1/ | |
| sudo apt-get install libncurses5-dev libpcap-dev | |
| make && make install | |
| sudo nethogs | |
| #***************Shorewall***************# | |
| #If Database Manager Not Opening or showing Timeout | |
| #Whitelist IP in Shorewall macro.ADMINER | |
| vi /etc/shorewall/macro.ADMINER | |
| PARAM net:ip_address #hostname | |
| /etc/init.d/shorewall restart | |
| #For opening port in Shorewall: | |
| vi /etc/shorewall/rules | |
| ACCEPT net fw tcp <port-number> | |
| #For Blacklisting IP's in Shorewall | |
| vi /etc/shorewall/interfaces | |
| net eth0 detect dhcp,tcpflags,routefilter,nosmurfs,logmartians,blacklist | |
| vi /etc/shorewall/blacklist | |
| 'IP will be required to be added in next line' | |
| #For checking shorewall rules | |
| shorewall check | |
| /etc/init.d/shorewall restart | |
| #***************************************# | |
| #In case of 502 Nginx error due to proxy | |
| #For changing Proxy Params: | |
| vi /etc/nginx/nginx_proxy_params | |
| client_body_buffer_size 128k; | |
| proxy_buffer_size 128k; | |
| proxy_buffers 16 256k; | |
| proxy_busy_buffers_size 256k; | |
| vi /etc/nginx/sites-available/<appfoldername> | |
| # proxy_pass http://ngx_backends; | |
| proxy_pass http://127.0.0.1:8081; | |
| #For changing PHP children processes and max requests | |
| vi /etc/phppool.d/cloudways.conf | |
| pm = ondemand | |
| pm.max_children = 20 | |
| pm.process_idle_timeout = 2s | |
| pm.max_requests = 150 | |
| #"If Error Occurs: [mpm_prefork:error] [pid 3893] AH00161: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting" | |
| #Change apache request workers and connections per child | |
| vi /etc/apache2/mods-available/mpm_prefork.conf | |
| <IfModule mpm_prefork_module> | |
| StartServers 100 | |
| MinSpareServers 100 | |
| MaxSpareServers 2000 | |
| MaxRequestWorkers 500 | |
| MaxConnectionsPerChild 500 | |
| MaxClients 5000 | |
| ServerLimit 5000 | |
| </IfModule> | |
| #If Magento app not showing thumbnails | |
| https://magento.stackexchange.com/questions/317237/thumbs-not-showing-in-insert-file-in-admin (I have answered it in last thread) | |
| vi /etc/nginx/additional_server_conf | |
| location ~ /\.(?!well-known\/|thumbswysiwyg\/).*$ { | |
| deny all; | |
| } | |
| location ~ /\.(?!well-known\/|thumbs\/|thumbswysiwyg\/).*$ { | |
| deny all; | |
| } | |
| #For allowing VCL File of magento/wordpress on Custom PHP Application | |
| vi /etc/nginx/sites-available/<appfoldername> | |
| proxy_set_header X-Application magento; | |
| proxy_set_header X-Version 233; | |
| #For New Relic License Installation | |
| newrelic-install install | |
| /etc/init.d/php7.0-fpm restart | |
| /etc/init.d/php7.1-fpm restart | |
| /etc/init.d/php7.2-fpm restart | |
| /etc/init.d/php7.3-fpm restart | |
| /etc/init.d/php7.4-fpm restart | |
| /etc/init.d/php8.0-fpm restart | |
| service apache2 restart | |
| #For checking xmlrpc requests on all applications | |
| grep xmlrpc */logs/nginx-app.status.log | |
| #For blocking xmlrpc request for all apps | |
| vi /etc/nginx/additional_server_conf | |
| location ~ /xmlrpc.php { | |
| allow 127.0.0.1; | |
| deny all; | |
| } | |
| #Bot Blocking from nginx (Not Recommended) | |
| if ($http_user_agent ~* (360Spider|acapbot|acoonbot|adsbot|ahrefs|alexibot|asterias|attackbot|backdorbot|becomebot|binlar|blackwidow|blekkobot|blexbot|blowfish|bullseye|bunnys|butterfly|careerbot|casper|checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|cy_cho|datacha|demon|diavol|discobot|dittospyder|dotbot|dotnetdotcom|dumbot|emailcollector|emailsiphon|emailwolf|exabot|extract|eyenetie|feedfinder|flaming|flashget|flicky|foobot|g00g1e|getright|gigabot|go-ahead-got|gozilla|grabnet|grafula|harvest|heritrix|httrack|icarus6j|jetbot|jetcar|jikespider|kmccrew|leechftp|libweb|linkextractor|linkscan|linkwalker|loader|miner|majestic|mechanize|mj12bot|morfeus|moveoverbot|netmechanic|netspider|nicerspro|nikto|ninja|nutch|octopus|pagegrabber|planetwork|postrank|proximic|purebot|pycurl|python|queryn|queryseeker|radian6|radiation|realdownload|rogerbot|scooter|seekerspider|semalt|seznambot|siclab|sindice|sistrix|sitebot|siteexplorer|sitesnagger|skygrid|smartdownload|snoopy|sosospider|spankbot|spbot|sqlmap|stackrambler|stripper|sucker|surftbot|sux0r|suzukacz|suzuran|takeout|teleport|telesoft|true_robots|turingos|turnit|vampire|vikspider|voideye|webleacher|webreaper|webstripper|webvac|webviewer|webwhacker|winhttp|wwwoffle|woxbot|xaldon|xxxyy|yamanalab|yioopbot|youda|zeus|zmeu|zune|zyborg|Jorgee|CCBot|commoncrawl|BLEXBot|yacybot|Wotbox|SEOkicks-Robot|woobot|linkdexbot|Baiduspider|Exabot|MJ12bot|Semrushbot|HaosouSpider|Slurp|libwww|LWP|damnBot|BBBike|java|spider|BLEXBot|ZumBot|TjoosBot|Spider|yandex) ) { | |
| return 403; | |
| } | |
| #For disabling recommended package installation through apt | |
| vi /etc/apt/apt.conf.d/00InstallRecommends | |
| APT::Install-Recommends "false"; | |
| #For checking I/O performance of server | |
| fio --randrepeat=1 --ioengine=libaio --direct=1 --gtod_reduce=1 --name=test --filename=random_read_write.fio --bs=4k --iodepth=64 --size=4G --readwrite=randrw --rwmixread=85 | |
| #For Stopping supervisord job with example | |
| supervisord stop <job> | |
| supervisor stop laravel-worker:laravel-worker_00 | |
| supervisor start <app-folder-name>_1:<app-folder-name>_1_07 | |
| #In case of removing of session folder | |
| mkdir /home/sessions/php7/sessions | |
| chmod -v 1733 /home/sessions/php7/sessions | |
| #For pcre jit, add following line in Application Settings > PHP-FPM Settings | |
| php_admin_value[pcre.jit] = 0 | |
| #####################Wordpress Import Resolution ################ | |
| "*If Wordpress internal Process execution lags which includes (intervention of PHP+MYSQL)* | |
| *For example:* Wp import or Export operation fails or takes huge amount of time to complete. | |
| *Steps to follow:*" | |
| 1- Mysql Version should be greater than 5.5. | |
| 2- Engine should be InnoDB of all the tables except Mysql' informations schema'. | |
| 3- Php version should be 7 or above. | |
| 4- Memory limit should be set with an appropriate value. | |
| 5- Then run "wp cron event list". | |
| 6- Hooks list would be populated with `delete_version_transients`. | |
| 7- Disable line 162 in `wp-content/plugins/woocommerce/includes/class-wc-cache-helper.php` . | |
| 8- Run `"wp cron event delete delete_version_transients"` to remove the old hooks. | |
| ################################################################# | |
| #If Supervisor give Fatal Error | |
| https://stackoverflow.com/questions/50912491/laravel-queues-with-supervisor-entered-fatal-state-too-many-start-retries-too | |
| #mcrypt installation method | |
| https://stackoverflow.com/questions/55678023/how-to-install-mcrypt-on-php-7-3-3-ubuntu | |
| #Wordpress Plugin to purge Varnish | |
| https://wordpress.org/plugins/varnish-http-purge/ | |
| #List of Wordpress site optimization plugin | |
| https://github.com/lukecav/awesome-wp-speed-up | |
| #Rackspace Migration Tool | |
| https://dnswonder.bittitan.com/Tools/ImapTest.aspx | |
| https://rackspace.selfmigration.com/Public/Default.aspx | |
| #For Error: Warning: count(): Parameter must be an array or an object that implements Countable in /home/xxxxx.cloudwaysapps.com/<app-folder-name>/public_html/catalog/view/theme/pav_floral/template/common/header/default.tpl on line 74 | |
| Just declare variable and store it in array: | |
| if (count($modules) && !empty($modules)) { ?> | |
| "Like this:" | |
| if (count(array($modules)) && !empty($modules)) { ?> | |
| #Mautic CMS Permission | |
| find . -type f -not -perm 644 -exec chmod 644 {} + | |
| find . -type d -not -perm 644 -exec chmod 755 {} + | |
| chmod -R g+w var/cache/ var/logs/ app/config/ | |
| chmod -R g+w media/files/ media/images/ translations/ | |
| rm -rf var/cache/* | |
| #For excluding particlar query string from Varnish | |
| ^/\?ref | |
| #For downgrading breeze version | |
| wp plugin update breeze --version=1.1.11 | |
| ##################### Apache .htaccess rules ##################### | |
| #Default htaccess rule | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteRule ^index\.php$ - [L] | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteRule . /index.php [L] | |
| #SSL acme_challenge | |
| RewriteEngine On | |
| RewriteRule ^.well-known/acme-challenge - [L] | |
| # Use HTTP Strict Transport Security to force client to use secure connections only | |
| Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" | |
| #For Blocking Bots request | |
| RewriteEngine On | |
| RewriteCond %{HTTP_USER_AGENT} ^.*(SCspider|Textbot|s2bot|MJ12bot|YandexBot|SemrushBot|AspiegelBot|BLEXBot|webmeup-crawler|oBot|Semrush|SiteExplorer|BaiDuSpider).*$ [NC] | |
| RewriteRule .* - [F,L] | |
| #Bot Blocking python requests | |
| RewriteEngine On | |
| RewriteCond %{HTTP_USER_AGENT} python-requests [NC] | |
| RewriteRule .* - [F,L] | |
| #Blocking specific IP's | |
| <Limit GET POST> | |
| order allow,deny | |
| # For Denying IP's | |
| deny from ipaddress | |
| deny from ipaddress | |
| deny from ipaddress | |
| deny from ipaddress | |
| deny from ipaddress | |
| allow from all | |
| </Limit> | |
| #Allowing Specific IP's | |
| <Limit GET POST> | |
| order deny,allow | |
| deny from all | |
| # For Allowing IP's | |
| allow from ipaddress | |
| allow from ipaddress | |
| allow from ipaddress | |
| </Limit> | |
| #If need to allow file to be open without any extension like owaisjaved.test/testfile | |
| <IfModule mod_rewrite.c> | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteRule ^([^\.]+)$ $1.php [NC,L] | |
| </IfModule> | |
| #For Redirecting to wwww | |
| RewriteEngine on | |
| RewriteCond %{HTTP_HOST} ^example.com [NC] | |
| RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC] | |
| #For redirecting from one domain to another | |
| RewriteEngine on | |
| RewriteCond %{HTTP_HOST} ^olddomain.com [NC] | |
| RewriteRule ^(.*)$ http://newdomain.com/$1 [L,R=301,NC] | |
| #Domain to subdirectory redirection rule | |
| # Aliases | |
| RewriteEngine On | |
| RewriteCond %{HTTP_HOST} ^(www\.)?owaisjaved\.pk [NC] | |
| RewriteRule ^(.*)$ https://owaisjaved.com/pk/$1 [R,L] | |
| #END Aliases | |
| #For redirecting subdirectory files to index.php | |
| RewriteBase /sub-directory | |
| RewriteRule .* index.php [R=301,L] | |
| #For removing query string | |
| RewriteEngine On | |
| RewriteCond %{QUERY_STRING} "lang=" [NC] | |
| RewriteRule (.*) /$1? [R=301,L] | |
| #Content Security Header | |
| <IfModule mod_headers.c> | |
| Header set Content-Security-Policy "default-src 'self'; script-src 'self';" | |
| </IfModule> | |
| #X-frame-options header: | |
| Header set X-Frame-Options "ALLOW-FROM URL" | |
| #No referrer Policy: | |
| Header always set Referrer-Policy "same-origin" | |
| #Code Ignitor Rule | |
| RewriteEngine on | |
| RewriteCond $1 !^(index\.php|resources|robots\.txt) | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteRule ^(.*)$ index.php\?$1 [L,QSA] | |
| ##################### ##################### ##################### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment