View Single Post
Old 29-07-13, 13:39
Chez's Avatar
Chez Chez is offline
Senior Member
Join Date: Sep 2011
Posts: 272
Default [Htaccess ] sql injection prevent by htacces
htacces checking each server url word if its match =' tick then
it wil redirect.
you can add block ip ,show 404 error .
what ever u want to do

very useful if dealing with huge sql records website

PHP Code:
RewriteEngine on 
%{QUERY_STRING} [+,*/']
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%27
 RewriteRule . - [F]

 RewriteCond %{QUERY_STRING} \%5C
 RewriteRule . - [F] 

you can add custom string also

RewriteCond %{QUERY_STRING} \order
RewriteRule . - [F]
Reply With Quote
The Following 3 Users Say Thank You to Chez For This Useful Post:
Abys (28-10-13), rfadown (09-10-13), romano1 (29-07-13)