Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ------------------
- # UTF-8 encoding
- # ------------------
- # Use UTF-8 encoding for anything served as `text/html` or `text/plain`.
- AddDefaultCharset utf-8
- # Force UTF-8 for certain file formats.
- <IfModule mod_mime.c>
- AddCharset utf-8 .atom .css .js .json .jsonld .rss .vtt .webapp .xml .xsl
- </IfModule>
- # ---------------------------
- # BEGIN Cache-Control Headers
- # ---------------------------
- <IfModule mod_expires.c>
- ExpiresActive On
- ExpiresByType image/jpg "access plus 2592000 seconds"
- ExpiresByType image/jpeg "access plus 2592000 seconds"
- ExpiresByType image/png "access plus 2592000 seconds"
- ExpiresByType image/gif "access plus 2592000 seconds"
- ExpiresByType image/ico "access plus 2592000 seconds"
- ExpiresByType image/icon "access plus 2592000 seconds"
- ExpiresByType image/x-icon "access plus 2592000 seconds"
- ExpiresByType text/css "access plus 2592000 seconds"
- ExpiresByType text/javascript "access plus 604800 seconds"
- ExpiresByType application/xhtml+xml "access plus 7200 seconds"
- ExpiresByType application/javascript "access plus 2592000 seconds"
- ExpiresByType application/x-javascript "access plus 2592000 seconds"
- ExpiresByType application/x-shockwave-flash "access plus 2592000 seconds"
- ExpiresByType font/ttf "access plus 2592000 seconds"
- ExpiresByType application/x-font-woff "access plus 2592000 seconds"
- </IfModule>
- <IfModule mod_headers.c>
- <FilesMatch "\\.(ico|jpe?g|png|gif|swf|gz|woff|svg)$">
- Header unset Cookie
- Header unset Set-Cookie
- Header set Cache-Control "max-age=2592000"
- </FilesMatch>
- <FilesMatch "\\.(js|css)$">
- Header unset Cookie
- Header unset Set-Cookie
- Header set Cache-Control "max-age=2592000"
- </FilesMatch>
- </IfModule>
- <IfModule mod_headers.c>
- Header unset ETag
- Header unset Pragma
- Header set Connection keep-alive
- Header unset Accept-Ranges
- </IfModule>
- # ---------------
- # | Compression |
- # ---------------
- <IfModule mod_deflate.c>
- AddOutputFilterByType DEFLATE application/atom+xml \
- application/javascript \
- application/json \
- application/ld+json \
- application/rss+xml \
- application/vnd.ms-fontobject \
- application/x-font-ttf \
- application/x-web-app-manifest+json \
- application/xhtml+xml \
- application/xml \
- font/opentype \
- image/svg+xml \
- image/x-icon \
- text/css \
- text/html \
- text/plain \
- text/x-component \
- text/xml
- </IfModule>
- # ----------------------------------------------------------------------
- # BEGIN Security
- # ----------------------------------------------------------------------
- # Begin liste: Bloquer l'acces aux fichiers
- <Files ~ "^\.ht">
- Order allow,deny
- Deny from all
- Satisfy All
- </Files>
- <files readme.html>
- Order allow,deny
- Deny from all
- Satisfy All
- </files>
- <files readme.txt>
- Order allow,deny
- Deny from all
- Satisfy All
- </files>
- <files install.php>
- Order allow,deny
- Deny from all
- Satisfy All
- </files>
- <files wp-config.php>
- Order allow,deny
- Deny from all
- Satisfy All
- </files>
- # END liste
- # Stop spam attack logins and comments
- <IfModule mod_rewrite.c>
- RewriteEngine On
- RewriteCond %{REQUEST_METHOD} POST
- RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login)\.php*
- RewriteCond %{HTTP_REFERER} !.*(mabulledu.net).* [OR]
- RewriteCond %{HTTP_USER_AGENT} ^$
- RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
- </ifModule>
- # 5G BLACKLIST/FIREWALL (2013)
- # @ http://perishablepress.com/5g-blacklist-2013/
- # 5G:[QUERY STRINGS]
- <IfModule mod_rewrite.c>
- RewriteEngine On
- RewriteBase /
- RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]
- RewriteCond %{QUERY_STRING} (javascript:).*(\;) [NC,OR]
- RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3) [NC,OR]
- RewriteCond %{QUERY_STRING} (\\|\.\./|`|=\'$|=%27$) [NC,OR]
- RewriteCond %{QUERY_STRING} (\;|\'|\"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if) [NC,OR]
- RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig) [NC,OR]
- RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
- RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
- RewriteRule .* - [F]
- </IfModule>
- # 5G:[REQUEST STRINGS]
- <IfModule mod_alias.c>
- RedirectMatch 403 (https?|ftp|php)\://
- RedirectMatch 403 /(https?|ima|ucp)/
- RedirectMatch 403 /(Permanent|Better)$
- RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
- RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
- RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
- RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
- RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
- RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
- RedirectMatch 403 \.well\-known/host\-meta
- RedirectMatch 403 /function\.array\-rand
- RedirectMatch 403 \)\;\$\(this\)\.html\(
- RedirectMatch 403 proc/self/environ
- RedirectMatch 403 msnbot\.htm\)\.\_
- RedirectMatch 403 /ref\.outcontrol
- RedirectMatch 403 com\_cropimage
- RedirectMatch 403 indonesia\.htm
- RedirectMatch 403 \{\$itemURL\}
- RedirectMatch 403 function\(\)
- RedirectMatch 403 labels\.rdf
- RedirectMatch 403 /playing.php
- RedirectMatch 403 muieblackcat
- </IfModule>
- # 5G:[REQUEST METHOD]
- <ifModule mod_rewrite.c>
- RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
- RewriteRule .* - [F]
- </IfModule>
- #Begin BAD IPS
- <limit GET POST PUT>
- Order Allow,Deny
- Allow from all
- # wp-admin logueur
- deny from 37.59.2.42
- deny from 74.14.237.15
- deny from 85.113.44.241
- deny from 90.188.236.38
- deny from 94.154.222.2
- deny from 103.22.181.8
- deny from 109.197.193.202
- deny from 112.134.227.131
- deny from 159.224.139.133
- deny from 176.40.120.60
- deny from 177.6.120.47
- deny from 177.83.226.146
- deny from 183.60.214.47
- deny from 186.220.37.8
- deny from 189.48.99.100
- deny from 190.199.241.165
- deny from 194.150.113.90
- deny from 200.27.231.114
- deny from 200.86.198.200
- deny from 200.139.175.57
- deny from 201.91.91.14
- deny from 203.206.167.242
- deny from 212.145.64.56
- deny from 217.137.225.153
- # fin wp-admin logueur
- # spammeur
- deny from 37.9.53.129
- deny from 195.2.240.106
- deny from 162.248.244.7
- # Start Custom Blocks
- # Bluecoat
- deny from 8.21.4.254
- deny from 65.46.48.192/30
- deny from 65.160.238.176/28
- deny from 85.92.222.0/24
- deny from 206.51.36.0/22
- deny from 216.52.23.0/24
- # cyveillance
- deny from 38.100.19.8/29
- deny from 38.100.21.0/24
- deny from 38.100.41.64/26
- deny from 38.105.71.0/25
- deny from 38.105.83.0/27
- deny from 38.112.21.140/30
- deny from 38.118.42.32/29
- deny from 65.213.208.128/27
- deny from 65.222.176.96/27
- deny from 65.222.185.72/29
- # Cyberpatrol
- deny from 38.103.17.160/27
- # Internet Identity - Anti-Phishing
- deny from 66.113.96.0/20
- deny from 70.35.113.192/27
- # Ironport
- deny from 204.15.80.0/22
- # Lightspeed Systems Security
- deny from 66.17.15.128/26
- deny from 69.84.207.32/27
- deny from 69.84.207.128/25
- # Layered Technologies
- deny from 72.36.128.0/17
- deny from 72.232.0.0/16
- deny from 72.233.0.0/17
- deny from 216.32.0.0/14
- # M86
- deny from 67.192.231.224/29
- deny from 208.90.236.0/22
- # Phish-Inspector.com
- deny from 209.147.127.208/28
- # Prescient Software, Inc. Phishmongers
- deny from 198.186.190.0/23
- deny from 198.186.192.0/23
- deny from 198.186.194.0/24
- # urlfilterdb
- deny from 207.210.99.32/29
- # websense-in.car1.sandiego1.level3.net
- deny from 4.53.120.22
- # Websense
- deny from 66.194.6.0/24
- deny from 67.117.201.128/28
- deny from 69.67.32.0/20
- deny from 131.191.87.0/24
- deny from 204.15.64.0/21
- deny from 208.80.192.0/21
- deny from 212.62.26.64/27
- deny from 213.168.226.0/24
- deny from 213.168.241.0/30
- deny from 213.168.242.0/30
- deny from 213.236.150.16/28
- </limit>
- #End BAD IPS
- #####################################################
- #Block comment spammers, bad bots and some proxies
- <ifModule mod_rewrite.c>
- RewriteEngine on
- RewriteCond %{REMOTE_HOST} 12.226.240.248 [OR]
- RewriteCond %{REMOTE_HOST} 24.111.102.26 [OR]
- RewriteCond %{REMOTE_HOST} 24.117.121.113 [OR]
- RewriteCond %{REMOTE_HOST} 65.30.216.140 [OR]
- RewriteCond %{REMOTE_HOST} 67.87.64.23 [OR]
- RewriteCond %{REMOTE_HOST} 68.12.149.198 [OR]
- RewriteCond %{REMOTE_HOST} 69.139.167.203 [OR]
- RewriteCond %{REMOTE_HOST} 74.95.182.57 [OR]
- RewriteCond %{REMOTE_HOST} 91.121.3.29 [OR]
- RewriteCond %{REMOTE_HOST} 203.94.229.227 [OR]
- RewriteCond %{REMOTE_HOST} 208.96.122.142 [OR]
- RewriteCond %{REMOTE_HOST} 210.0.141.247 [OR]
- RewriteCond %{REMOTE_HOST} 210.197.97.67 [OR]
- RewriteCond %{REMOTE_HOST} 212.179.127.188 [OR]
- RewriteCond %{REMOTE_HOST} 216.246.60.183 [OR]
- RewriteCond %{REMOTE_HOST} 220.156.189.233 [OR]
- RewriteCond %{REMOTE_HOST} 222.36.12.42 [OR]
- </IfModule>
- #End Block comment spammers, bad bots and some proxies
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement