Bravo List

Bravo List (http://www.bvlist.com/index.php)
-   Tutorials (http://www.bvlist.com/forumdisplay.php?f=61)
-   -   [Htaccess ] sql injection prevent by htacces (http://www.bvlist.com/showthread.php?t=9346)

Chez 29th July 2013 13:39

[Htaccess ] sql injection prevent by htacces
 
htacces checking each server url word if its match =' tick then
it wil redirect.
you can add block ip ,show 404 error .
what ever u want to do

very useful if dealing with huge sql records website

PHP Code:

RewriteEngine on 
 RewriteCond 
%{QUERY_STRING} [+,*/']
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%27
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%5C
 RewriteRule . - [F] 


you can add custom string also


Eg:
RewriteCond %{QUERY_STRING} \order
RewriteRule . - [F]

firefly007 29th July 2013 14:04

Nice job!!

joeroberts 29th July 2013 14:17

You well run into Problems with this with some comments, descriptions, forum posts, PM's ...................

Bear this in mind when trying to use this.

wMan 29th July 2013 23:32

Disable Hotlinking
 
Add the below code to your .htaccess file (blank or existing), and upload to your root web directory:
Enter a list of ALLOWED domains/ site IPs below that will be allowed to access the specified file types
Code:

## DISABLE HOTLINKING
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourotherdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png|js|css)$ - [F]

Visitor IP Banning
Add the below code to your .htaccess file (blank or existing), and upload to your root web directory:
Code:

## USER IP BANNING

 order allow,deny
 deny from 42.12.5.34
 deny from 193.110.145.185
 deny from 212.173.53.
 deny from 69.242.
 allow from all

example

Code:

Redirect /include/ http://localhost/pic/finger.jpg
Redirect /torrents/ http://localhost/pic/finger.jpg
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php
## DISABLE HOTLINKING
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourotherdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png|js|css)$ - [F]
## USER IP BANNING

 order allow,deny
 deny from 42.12.5.34
 deny from 193.110.145.185
 deny from 212.173.53.
 deny from 69.242.
 allow from all



All times are GMT +2. The time now is 14:42.

Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.