View Single Post
  #1  
Old 29-07-13, 13:39
Chez's Avatar
Chez Chez is offline
Senior Member
 
Join Date: Sep 2011
P2P
Posts: 269
Default [Htaccess ] sql injection prevent by htacces
htacces checking each server url word if its match =' tick then
it wil redirect.
you can add block ip ,show 404 error .
what ever u want to do

very useful if dealing with huge sql records website

PHP Code:
RewriteEngine on 
 RewriteCond 
%{QUERY_STRING} [+,*/']
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%27
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%5C
 RewriteRule . - [F] 

you can add custom string also


Eg:
RewriteCond %{QUERY_STRING} \order
RewriteRule . - [F]
__________________
http://www.bvlist.com/images/avatars/signaturepics/sigpic16443_2.gif
Reply With Quote
The Following 3 Users Say Thank You to Chez For This Useful Post:
Abys (28-10-13), rfadown (09-10-13), romano1 (29-07-13)