#1
29th July 2013, 13:39
Chez
[Htaccess] SQL injection prevention by htaccess
.htaccess checks each word of the server URL; if it matches a =' tick, then
it will redirect.
You can add an IP block, show a 404 error,
whatever you want to do.

Very useful if dealing with a website with huge SQL records.

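PHP Code:
RewriteEngine on

# Forbid (403) any request whose query string contains + , * / or '
RewriteCond %{QUERY_STRING} [+,*/']
RewriteRule . - [F]

# Forbid a URL-encoded single quote (%27)
RewriteCond %{QUERY_STRING} \%27
RewriteRule . - [F]

# Forbid a URL-encoded backslash (%5C)
RewriteCond %{QUERY_STRING} \%5C
RewriteRule . - [F]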

You can also add a custom string.

E.g.:
# Forbid any query string containing the word "order" (no backslash is needed before it)
RewriteCond %{QUERY_STRING} order
RewriteRule . - [F]
The Following 3 Users Say Thank You to Chez For This Useful Post:
Abys (28th October 2013), rfadown (9th October 2013), romano1 (29th July 2013)
#2
29th July 2013, 14:04
firefly007
Nice job!!
#3
29th July 2013, 14:17
joeroberts
You will run into problems with this with some comments, descriptions, forum posts, PMs ...

Bear this in mind when trying to use this.
The Following User Says Thank You to joeroberts For This Useful Post:
romano1 (29th July 2013)
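
Added example, not part of any post in this thread: it applies the RewriteCond patterns from post #1 to a few constructed, ordinary query strings to show the kind of blocked legitimate request that post #3 warns about, next to a bound-parameter query that accepts an apostrophe without treating it as SQL. Python with sqlite3 stands in for the site's own PHP and database code as an assumption, and `blocked_by`, `find_user`, `demo_db` and the `users` table are hypothetical names.

```python
import re
import sqlite3

# Patterns transcribed from the RewriteCond lines in post #1, plus the custom
# "order" rule. Apache applies them unanchored and case-sensitively to the raw,
# still URL-encoded query string, which re.search reproduces here.
RULES = [r"[+,*/']", r"%27", r"%5C", r"order"]


def blocked_by(query_string):
    """Return the patterns that would answer this request with 403."""
    return [p for p in RULES if re.search(p, query_string)]


def demo_db():
    """Build a small in-memory table (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("O'Brien",), ("alice",)])
    return conn


def find_user(conn, name):
    """Look up a user with a bound parameter; the value is never parsed as SQL."""
    cur = conn.execute("SELECT id FROM users WHERE name = ?", (name,))
    return [row[0] for row in cur.fetchall()]


# Constructed, ordinary requests (not taken from real logs).
SAMPLES = ["id=42", "q=O%27Brien", "q=rock+music", "tags=a,b",
           "date=2013/07/29", "sort=order_date"]

if __name__ == "__main__":
    for qs in SAMPLES:
        hits = blocked_by(qs)
        print(f"{qs:18} -> {'403 ' + str(hits) if hits else 'allowed'}")
    # The apostrophe is handled as data by the bound parameter.
    print("find_user:", find_user(demo_db(), "O'Brien"))
```

Only `id=42` passes the rules; the other five constructed requests are refused, while the bound-parameter lookup returns the row for the name containing an apostrophe.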
#4
29th July 2013, 23:32
wMan
Disable Hotlinking
Add the below code to your .htaccess file (blank or existing), and upload to your root web directory:
Enter a list of ALLOWED domains/site IPs below that will be allowed to access the specified file types
Code:
## DISABLE HOTLINKING
RewriteEngine on
# Options +FollowSymlinks
# Requests with an empty Referer are let through
RewriteCond %{HTTP_REFERER} !^$
# One line per allowed site (dots escaped so they match only a literal ".")
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourotherdomain\.com/.*$ [NC]
# Any other referrer asking for these file types gets 403 Forbidden
RewriteRule \.(gif|jpg|jpeg|png|js|css)$ - [F]
Visitor IP Banning
Add the below code to your .htaccess file (blank or existing), and upload to your root web directory:
Code:
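## USER IP BANNING
# Applies to GET and POST requests only
<Limit GET POST>
 # Allow rules are evaluated first, then Deny; a matching Deny wins
 order allow,deny
 deny from 42.12.5.34
 deny from 193.110.145.185
 # A partial address bans every address that starts with it
 deny from 212.173.53.
 deny from 69.242.
 allow from all
</Limit>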
example

Code:
Redirect /include/ http://localhost/pic/finger.jpg
Redirect /torrents/ http://localhost/pic/finger.jpg
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php
## DISABLE HOTLINKING
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourotherdomain\.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png|js|css)$ - [F]
## USER IP BANNING
<Limit GET POST>
 order allow,deny
 deny from 42.12.5.34
 deny from 193.110.145.185
 deny from 212.173.53.
 deny from 69.242.
 allow from all
</Limit>

Last edited by wMan; 30th July 2013 at 12:20.