kanakiyajay/.htaccess

## .htaccess
<FilesMatch "^(wp-config\.php|wp-cache-config\.php|advanced-cache\.php|php\.ini|php5\.ini|config\.php|db\.php|db-config\.ini)">
Order Deny,Allow
Deny from all
</FilesMatch>

### If you have one or more dedicated IP addresses, uncomment the below
### from <FilesMatch to </FilesMatch then replace the IP addresess with
### your own; and completely remove any IP address line not necessary.
###
### For example, if you only have one dedicated IP address, there
### should only be one "allow from" line and not three.
###
#<FilesMatch "^(wp-login\.php|install\.php|readme\.html)">
#Order Deny,Allow
#Deny from all
#allow from 24.229.66.131
#allow from 166.143.220.38
#</FilesMatch>

# Turn off directory indexes
IndexIgnore *
Options All -Indexes

# prevent access to PHP error log
<Files php_error.log>
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

########## Begin - Common hacking tools and bandwidth hoggers block
# This line also disables Akeeba Remote Control 2.5 and earlier
SetEnvIf user-agent "Indy Library" stayout=1
# WARNING: Disabling wget will also block the most common method for
# running CRON jobs. Remove if you have issues with CRON jobs.
###SetEnvIf user-agent "Wget" stayout=1
# The following rules are for bandwidth-hogging download tools
SetEnvIf user-agent "libwww-perl" stayout=1
SetEnvIf user-agent "Download Demon" stayout=1
SetEnvIf user-agent "GetRight" stayout=1
SetEnvIf user-agent "GetWeb!" stayout=1
SetEnvIf user-agent "Go!Zilla" stayout=1
SetEnvIf user-agent "Go-Ahead-Got-It" stayout=1
SetEnvIf user-agent "GrabNet" stayout=1
SetEnvIf user-agent "TurnitinBot" stayout=1
# This line denies access to all of the above tools
deny from env=stayout
########## End - Common hacking tools and bandwidth hoggers block

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# If the request query string contains /proc/self/environ (by SigSiu.net)
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
# (these attacks wouldn't work w/out Joomla! 1.5's Legacy Mode plugin)
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode or base64_decode data within the URL
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [OR]
## IMPORTANT: If the above line throws an HTTP 500 error, replace it with these 2 lines:
# RewriteCond %{QUERY_STRING} base64_encode\(.*\) [OR]
# RewriteCond %{QUERY_STRING} base64_decode\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits

########## Begin - File injection protection, by SigSiu.net
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection

########## Begin - Advanced server protection - query strings, referrer and config
# Advanced server protection, version 3.2 - May 2011
# by Nicholas K. Dionysopoulos

## Disallow PHP Easter Eggs (can be used in fingerprinting attacks to determine
## your PHP version). See http://www.0php.com/php_easter_egg.php and
## http://osvdb.org/12184 for more information
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]
RewriteRule .* - [F]

#Block mySQL injects - http://docs.joomla.org/Htaccess_examples_%28security%29
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark) [NC]
RewriteRule .* - [F]
########## End - Advanced server protection - query strings, referrer and config

### Needed by WordPress for permalinks
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# Block the include-only files.
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]

# comment spam protection
# replace dynamicnet.net with your domain name
# http://www.catswhocode.com/blog/10-htaccess-snippets-to-optimize-your-website
#RewriteCond %{REQUEST_METHOD} POST
#RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
#RewriteCond %{HTTP_REFERER} !.*dynamicnet.net.* [OR]
#RewriteCond %{HTTP_USER_AGENT} ^$
#RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
#

</IfModule>

<IfModule mod_headers.c>
  <FilesMatch "\.(js|css|xml|gz)$">
    Header append Vary Accept-Encoding
  </FilesMatch>
</IfModule>

### To help with compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
AddOutputFilterByType DEFLATE application/javascript application/x-javascript

BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</IfModule>

########## Begin - ETag Optimization
## This rule will create an ETag for files based only on the modification
## timestamp and their size. This works wonders if you are using rsync'ed
## servers, where the inode number of identical files differs.
## Note: It may cause problems on your server and you may need to remove it
FileETag MTime Size
########## End - ETag Optimization


########## Begin - Optimal default expiration time
## Note: this might cause problems and you might have to comment it out by
## placing a hash in front of this section's lines
<IfModule mod_expires.c>
        # Enable expiration control
        ExpiresActive On

        # Default expiration: 1 hour after request
        ExpiresDefault "now plus 1 hour"

        # CSS and JS expiration: 2 week after request
        ExpiresByType text/css "now plus 2 weeks"
        ExpiresByType application/javascript "now plus 2 weeks"
        ExpiresByType application/x-javascript "now plus 2 weeks"

        # Image files expiration: 1 month after request
        ExpiresByType image/bmp "now plus 1 month"
        ExpiresByType image/gif "now plus 1 month"
        ExpiresByType image/jpeg "now plus 1 month"
        ExpiresByType image/jp2 "now plus 1 month"
        ExpiresByType image/pipeg "now plus 1 month"
        ExpiresByType image/png "now plus 1 month"
        ExpiresByType image/svg+xml "now plus 1 month"
        ExpiresByType image/tiff "now plus 1 month"
        ExpiresByType image/vnd.microsoft.icon "now plus 1 month"
        ExpiresByType image/x-icon "now plus 1 month"
        ExpiresByType image/ico "now plus 1 month"
        ExpiresByType image/icon "now plus 1 month"
        ExpiresByType text/ico "now plus 1 month"
        ExpiresByType application/ico "now plus 1 month"
        ExpiresByType image/vnd.wap.wbmp "now plus 1 month"
        ExpiresByType application/vnd.wap.wbxml "now plus 1 month"
        ExpiresByType application/smil "now plus 1 month"

        # Audio files expiration: 1 month after request
        ExpiresByType audio/basic "now plus 1 month"
        ExpiresByType audio/mid "now plus 1 month"
        ExpiresByType audio/midi "now plus 1 month"
        ExpiresByType audio/mpeg "now plus 1 month"
        ExpiresByType audio/x-aiff "now plus 1 month"
        ExpiresByType audio/x-mpegurl "now plus 1 month"
        ExpiresByType audio/x-pn-realaudio "now plus 1 month"
        ExpiresByType audio/x-wav "now plus 1 month"

        # Movie files expiration: 1 month after request
        ExpiresByType application/x-shockwave-flash "now plus 1 month"
        ExpiresByType x-world/x-vrml "now plus 1 month"
        ExpiresByType video/x-msvideo "now plus 1 month"
        ExpiresByType video/mpeg "now plus 1 month"
        ExpiresByType video/mp4 "now plus 1 month"
        ExpiresByType video/quicktime "now plus 1 month"
        ExpiresByType video/x-la-asf "now plus 1 month"
        ExpiresByType video/x-ms-asf "now plus 1 month"
</IfModule>
########## End - Optimal expiration time

## Any Redirects go here
##
##
## EOF

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /xampp/projects/jquer.in/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /xampp/projects/jquer.in/index.php [L]
</IfModule>

# END WordPress
	<FilesMatch "^(wp-config\.php\|wp-cache-config\.php\|advanced-cache\.php\|php\.ini\|php5\.ini\|config\.php\|db\.php\|db-config\.ini)">
	Order Deny,Allow
	Deny from all
	</FilesMatch>

	### If you have one or more dedicated IP addresses, uncomment the below
	### from <FilesMatch to </FilesMatch then replace the IP addresess with
	### your own; and completely remove any IP address line not necessary.
	###
	### For example, if you only have one dedicated IP address, there
	### should only be one "allow from" line and not three.
	###
	#<FilesMatch "^(wp-login\.php\|install\.php\|readme\.html)">
	#Order Deny,Allow
	#Deny from all
	#allow from 24.229.66.131
	#allow from 166.143.220.38
	#</FilesMatch>

	# Turn off directory indexes
	IndexIgnore *
	Options All -Indexes

	# prevent access to PHP error log
	<Files php_error.log>
	Order allow,deny
	Deny from all
	Satisfy All
	</Files>

	########## Begin - Common hacking tools and bandwidth hoggers block
	# This line also disables Akeeba Remote Control 2.5 and earlier
	SetEnvIf user-agent "Indy Library" stayout=1
	# WARNING: Disabling wget will also block the most common method for
	# running CRON jobs. Remove if you have issues with CRON jobs.
	###SetEnvIf user-agent "Wget" stayout=1
	# The following rules are for bandwidth-hogging download tools
	SetEnvIf user-agent "libwww-perl" stayout=1
	SetEnvIf user-agent "Download Demon" stayout=1
	SetEnvIf user-agent "GetRight" stayout=1
	SetEnvIf user-agent "GetWeb!" stayout=1
	SetEnvIf user-agent "Go!Zilla" stayout=1
	SetEnvIf user-agent "Go-Ahead-Got-It" stayout=1
	SetEnvIf user-agent "GrabNet" stayout=1
	SetEnvIf user-agent "TurnitinBot" stayout=1
	# This line denies access to all of the above tools
	deny from env=stayout
	########## End - Common hacking tools and bandwidth hoggers block

	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteBase /

	########## Begin - Rewrite rules to block out some common exploits
	## If you experience problems on your site block out the operations listed below
	## This attempts to block the most common type of exploit `attempts` to Joomla!
	#
	# If the request query string contains /proc/self/environ (by SigSiu.net)
	RewriteCond %{QUERY_STRING} proc/self/environ [OR]
	# Block out any script trying to set a mosConfig value through the URL
	# (these attacks wouldn't work w/out Joomla! 1.5's Legacy Mode plugin)
	RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=\|\%3D) [OR]
	# Block out any script trying to base64_encode or base64_decode data within the URL
	RewriteCond %{QUERY_STRING} base64_(en\|de)code[^(]\([^)]\) [OR]
	## IMPORTANT: If the above line throws an HTTP 500 error, replace it with these 2 lines:
	# RewriteCond %{QUERY_STRING} base64_encode\(.*\) [OR]
	# RewriteCond %{QUERY_STRING} base64_decode\(.*\) [OR]
	# Block out any script that includes a <script> tag in URL
	RewriteCond %{QUERY_STRING} (<\|%3C)([^s]s)+cript.(>\|%3E) [NC,OR]
	# Block out any script trying to set a PHP GLOBALS variable via URL
	RewriteCond %{QUERY_STRING} GLOBALS(=\|\[\|\%[0-9A-Z]{0,2}) [OR]
	# Block out any script trying to modify a _REQUEST variable via URL
	RewriteCond %{QUERY_STRING} _REQUEST(=\|\[\|\%[0-9A-Z]{0,2})
	# Return 403 Forbidden header and show the content of the root homepage
	RewriteRule .* index.php [F]
	#
	########## End - Rewrite rules to block out some common exploits

	########## Begin - File injection protection, by SigSiu.net
	RewriteCond %{REQUEST_METHOD} GET
	RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
	RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
	RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
	RewriteRule .* - [F]
	########## End - File injection protection

	########## Begin - Advanced server protection - query strings, referrer and config
	# Advanced server protection, version 3.2 - May 2011
	# by Nicholas K. Dionysopoulos

	## Disallow PHP Easter Eggs (can be used in fingerprinting attacks to determine
	## your PHP version). See http://www.0php.com/php_easter_egg.php and
	## http://osvdb.org/12184 for more information
	RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]
	RewriteRule .* - [F]

	#Block mySQL injects - http://docs.joomla.org/Htaccess_examples_%28security%29
	RewriteCond %{QUERY_STRING} (;\|<\|>\|'\|"\|\)\|%0A\|%0D\|%22\|%27\|%3C\|%3E\|%00).(/\\|union\|select\|insert\|cast\|set\|declare\|drop\|update\|md5\|benchmark) [NC]
	RewriteRule .* - [F]
	########## End - Advanced server protection - query strings, referrer and config

	### Needed by WordPress for permalinks
	RewriteRule ^index\.php$ - [L]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule . /index.php [L]

	# Block the include-only files.
	RewriteRule ^wp-admin/includes/ - [F,L]
	RewriteRule !^wp-includes/ - [S=3]
	RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
	RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
	RewriteRule ^wp-includes/theme-compat/ - [F,L]

	# comment spam protection
	# replace dynamicnet.net with your domain name
	# http://www.catswhocode.com/blog/10-htaccess-snippets-to-optimize-your-website
	#RewriteCond %{REQUEST_METHOD} POST
	#RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
	#RewriteCond %{HTTP_REFERER} !.dynamicnet.net. [OR]
	#RewriteCond %{HTTP_USER_AGENT} ^$
	#RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
	#

	</IfModule>

	<IfModule mod_headers.c>
	<FilesMatch "\.(js\|css\|xml\|gz)$">
	Header append Vary Accept-Encoding
	</FilesMatch>
	</IfModule>

	### To help with compression
	<IfModule mod_deflate.c>
	AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
	AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
	AddOutputFilterByType DEFLATE application/javascript application/x-javascript

	BrowserMatch ^Mozilla/4 gzip-only-text/html
	BrowserMatch ^Mozilla/4\.0[678] no-gzip
	BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

	# Make sure proxies don't deliver the wrong content
	Header append Vary User-Agent env=!dont-vary
	</IfModule>

	########## Begin - ETag Optimization
	## This rule will create an ETag for files based only on the modification
	## timestamp and their size. This works wonders if you are using rsync'ed
	## servers, where the inode number of identical files differs.
	## Note: It may cause problems on your server and you may need to remove it
	FileETag MTime Size
	########## End - ETag Optimization


	########## Begin - Optimal default expiration time
	## Note: this might cause problems and you might have to comment it out by
	## placing a hash in front of this section's lines
	<IfModule mod_expires.c>
	# Enable expiration control
	ExpiresActive On

	# Default expiration: 1 hour after request
	ExpiresDefault "now plus 1 hour"

	# CSS and JS expiration: 2 week after request
	ExpiresByType text/css "now plus 2 weeks"
	ExpiresByType application/javascript "now plus 2 weeks"
	ExpiresByType application/x-javascript "now plus 2 weeks"

	# Image files expiration: 1 month after request
	ExpiresByType image/bmp "now plus 1 month"
	ExpiresByType image/gif "now plus 1 month"
	ExpiresByType image/jpeg "now plus 1 month"
	ExpiresByType image/jp2 "now plus 1 month"
	ExpiresByType image/pipeg "now plus 1 month"
	ExpiresByType image/png "now plus 1 month"
	ExpiresByType image/svg+xml "now plus 1 month"
	ExpiresByType image/tiff "now plus 1 month"
	ExpiresByType image/vnd.microsoft.icon "now plus 1 month"
	ExpiresByType image/x-icon "now plus 1 month"
	ExpiresByType image/ico "now plus 1 month"
	ExpiresByType image/icon "now plus 1 month"
	ExpiresByType text/ico "now plus 1 month"
	ExpiresByType application/ico "now plus 1 month"
	ExpiresByType image/vnd.wap.wbmp "now plus 1 month"
	ExpiresByType application/vnd.wap.wbxml "now plus 1 month"
	ExpiresByType application/smil "now plus 1 month"

	# Audio files expiration: 1 month after request
	ExpiresByType audio/basic "now plus 1 month"
	ExpiresByType audio/mid "now plus 1 month"
	ExpiresByType audio/midi "now plus 1 month"
	ExpiresByType audio/mpeg "now plus 1 month"
	ExpiresByType audio/x-aiff "now plus 1 month"
	ExpiresByType audio/x-mpegurl "now plus 1 month"
	ExpiresByType audio/x-pn-realaudio "now plus 1 month"
	ExpiresByType audio/x-wav "now plus 1 month"

	# Movie files expiration: 1 month after request
	ExpiresByType application/x-shockwave-flash "now plus 1 month"
	ExpiresByType x-world/x-vrml "now plus 1 month"
	ExpiresByType video/x-msvideo "now plus 1 month"
	ExpiresByType video/mpeg "now plus 1 month"
	ExpiresByType video/mp4 "now plus 1 month"
	ExpiresByType video/quicktime "now plus 1 month"
	ExpiresByType video/x-la-asf "now plus 1 month"
	ExpiresByType video/x-ms-asf "now plus 1 month"
	</IfModule>
	########## End - Optimal expiration time

	## Any Redirects go here
	##
	##
	## EOF

	# BEGIN WordPress
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteBase /xampp/projects/jquer.in/
	RewriteRule ^index\.php$ - [L]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule . /xampp/projects/jquer.in/index.php [L]
	</IfModule>

	# END WordPress