technocrat Involved Joined: Jul 07, 2005 Posts: 492
Posted:
Mon Apr 09, 2007 4:36 pm
I have tried a couple of different things and can't get it working so I am looking for some assistance.
I want to block any request that contains ?act=
Any help?
technocrat Involved Joined: Jul 07, 2005 Posts: 492
Posted:
Mon Apr 09, 2007 6:01 pm
This appears to be working
Code:
RewriteCond %{QUERY_STRING} ^act\=(.*)
RewriteRule ^.*$ http://127.0.0.1/ [R,L]
FYI-This will block the c99shell default access completely.
montego Site Admin Joined: Aug 29, 2004 Posts: 7330 Location: Arizona
Posted:
Tue Apr 10, 2007 7:17 am
Looks good to me as well. Here are some other examples of things that I have done over the years as they have popped up:
Code:
#
# Tired of external attempts to access Forums admin
#
RewriteCond %{HTTP_REFERER} !^http://(.*)montegoscripts\.com/.*$ [NC]
RewriteCond %{REQUEST_URI} modules/Forums/admin
RewriteRule ^.*$ http://127.0.0.1 [R=301,L]
#
# Try to stop Add Links from external sources
#
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{QUERY_STRING} ^(.*)name=Web_Links(.*)
RewriteRule ^.*$ http://127.0.0.1 [R=301,L]
#
# Added by montego as hack script reports these
#
RewriteCond %{QUERY_STRING} ^(.*)www\.shinwhat\.com(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)leyctud_b0x(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)217\.20\.112\.211(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)sucomi\.com(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)GLOBALS(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)phentermine(.*)$ [NC,OR]
RewriteCond %{REQUEST_URI} ^(.*)register\.php(.*)$ [NC,OR]
RewriteCond %{REQUEST_URI} ^(.*)profile\.php(.*)$ [NC,OR]
RewriteRule ^.*$ http://127.0.0.1 [R=301,L]
I post these only as additional examples for folks in case they need the "pattern" to try.
evaders99 Moderator Joined: Apr 30, 2004 Posts: 2795
Posted:
Tue Apr 10, 2007 9:27 pm
A bunch of other ones that I use.
(Sometimes QUERY_STRING doesn't work for me, so these rules use THE_REQUEST to search the entire request data)
Code:
RewriteCond %{THE_REQUEST} (YIIQegYGKwYBBQU) [OR]
RewriteCond %{THE_REQUEST} (absolute_path) [OR]
RewriteCond %{THE_REQUEST} (phpbb_root_path) [OR]
RewriteCond %{THE_REQUEST} (classified_path) [OR]
RewriteCond %{THE_REQUEST} (THEME_DIR) [OR]
RewriteCond %{THE_REQUEST} (basepath) [OR]
RewriteCond %{THE_REQUEST} (BBCodeFile) [OR]
RewriteCond %{THE_REQUEST} (spaw_root) [OR]
RewriteCond %{THE_REQUEST} (path_red2) [OR]
RewriteCond %{THE_REQUEST} (phpc_root_path) [OR]
RewriteCond %{THE_REQUEST} (libpath) [OR]
RewriteCond %{THE_REQUEST} (includedir) [OR]
RewriteCond %{THE_REQUEST} (serverpath) [OR]
RewriteCond %{THE_REQUEST} (vwar_root) [OR]
RewriteCond %{THE_REQUEST} (dir\[inc\]) [OR]
RewriteCond %{THE_REQUEST} (rootpath) [OR]
RewriteCond %{THE_REQUEST} (file=http:\/\/) [OR]
RewriteCond %{THE_REQUEST} (name=http:\/\/) [OR]
RewriteCond %{THE_REQUEST} (CPG_M_DIR)
# The post leaves out the RewriteRule these conditions feed; the same redirect used elsewhere in this thread completes the set.
RewriteRule ^.*$ http://127.0.0.1 [R=301,L]
montego Site Admin Joined: Aug 29, 2004 Posts: 7330 Location: Arizona
Posted:
Wed Apr 11, 2007 6:29 am
You know, that is right, I have seen some quirky behavior with QUERY_STRING. I got the above to work, but I like your ideas here. Thanks!
Guardian2003 Site Admin Joined: Aug 28, 2003 Posts: 4653
Posted:
Thu Apr 12, 2007 8:58 pm
Technocrat, I see you were struck by the same module hack I was.
I'm not sure that adding
Code:
if (!eregi('image/', get_mime_content_type($imageurl_name))) die(_SP_CONFBANN);
is a complete solution, but I'm certainly warming to your htaccess idea.
I do not think there is anything in nuke that uses ?act=, but if there is, it is always possible to use the less likely ones like:
?act=f
?act=ls
?act=img
technocrat Involved Joined: Jul 07, 2005 Posts: 492
Posted:
Fri Apr 13, 2007 7:22 am
My users are reporting that it will affect the arcade mod. So we might need to tweak it some more.
I have some more changes and I will post them once I get to the office.
Guardian2003 Site Admin Joined: Aug 28, 2003 Posts: 4653
Posted:
Fri Apr 13, 2007 8:55 am
I sent you a PM. I understand the original author is working on the issue now.
technocrat Involved Joined: Jul 07, 2005 Posts: 492
Posted:
Fri Apr 13, 2007 9:23 am
Code fixes:
First mime_content_type seems to not work very well, so I used this code from DJMaze and it works much better.
Code:
function get_mime_content_type($filename) {
$mime = array(
'.3dmf' => 'x-world/x-3dmf',
'.a' => 'application/octet-stream',
'.aab' => 'application/x-authorware-bin',
'.aam' => 'application/x-authorware-map',
'.aas' => 'application/x-authorware-seg',
'.abc' => 'text/vnd.abc',
'.acgi' => 'text/html',
'.afl' => 'video/animaflex',
'.ai' => 'application/postscript',
'.aif' => 'audio/aiff',
'.aif' => 'audio/x-aiff',
'.aifc' => 'audio/aiff',
'.aiff' => 'audio/aiff',
'.aim' => 'application/x-aim',
'.aip' => 'text/x-audiosoft-intra',
'.ani' => 'application/x-navi-animation',
'.aos' => 'application/x-nokia-9000-communicator-add-on-software',
'.aps' => 'application/mime',
'.arc' => 'application/octet-stream',
'.arj' => 'application/arj',
'.art' => 'image/x-jg',
'.asf' => 'video/x-ms-asf',
'.asm' => 'text/x-asm',
'.asp' => 'text/asp',
'.asx' => 'video/x-ms-asf',
'.au' => 'audio/x-au',
'.avi' => 'video/avi',
'.avs' => 'video/avs-video',
'.bcpio' => 'application/x-bcpio',
'.bin' => 'application/x-binary',
'.bm' => 'image/bmp',
'.bmp' => 'image/bmp',
'.boo' => 'application/book',
'.book' => 'application/book',
'.boz' => 'application/x-bzip2',
'.bsh' => 'application/x-bsh',
'.bz' => 'application/x-bzip',
'.bz2' => 'application/x-bzip2',
'.c' => 'text/plain',
'.c++' => 'text/plain',
'.cat' => 'application/vnd.ms-pki.seccat',
'.cc' => 'text/plain',
'.ccad' => 'application/clariscad',
'.cco' => 'application/x-cocoa',
'.cdf' => 'application/cdf',
'.cer' => 'application/pkix-cert',
'.cer' => 'application/x-x509-ca-cert',
'.cha' => 'application/x-chat',
'.chat' => 'application/x-chat',
'.class' => 'application/java',
'.com' => 'text/plain',
'.conf' => 'text/plain',
'.cpio' => 'application/x-cpio',
'.cpp' => 'text/x-c',
'.cpt' => 'application/x-cpt',
'.crl' => 'application/pkix-crl',
'.crt' => 'application/pkix-cert',
'.crt' => 'application/x-x509-user-cert',
'.csh' => 'application/x-csh',
'.css' => 'text/css',
'.cxx' => 'text/plain',
'.dcr' => 'application/x-director',
'.deepv' => 'application/x-deepv',
'.def' => 'text/plain',
'.der' => 'application/x-x509-ca-cert',
'.dif' => 'video/x-dv',
'.dir' => 'application/x-director',
'.dl' => 'video/dl',
'.doc' => 'application/msword',
'.dot' => 'application/msword',
'.dp' => 'application/commonground',
'.drw' => 'application/drafting',
'.dump' => 'application/octet-stream',
'.dv' => 'video/x-dv',
'.dvi' => 'application/x-dvi',
'.dwf' => 'drawing/x-dwf',
'.dwg' => 'image/x-dwg',
'.dxf' => 'image/x-dwg',
'.dxr' => 'application/x-director',
'.el' => 'text/x-script.elisp',
'.elc' => 'application/x-elc',
'.env' => 'application/x-envoy',
'.eps' => 'application/postscript',
'.es' => 'application/x-esrehber',
'.etx' => 'text/x-setext',
'.evy' => 'application/envoy',
'.exe' => 'application/octet-stream',
'.f' => 'text/plain',
'.f77' => 'text/x-fortran',
'.f90' => 'text/x-fortran',
'.fdf' => 'application/vnd.fdf',
'.fif' => 'image/fif',
'.fli' => 'video/fli',
'.flo' => 'image/florian',
'.flx' => 'text/vnd.fmi.flexstor',
'.fmf' => 'video/x-atomic3d-feature',
'.for' => 'text/x-fortran',
'.fpx' => 'image/vnd.fpx',
'.frl' => 'application/freeloader',
'.funk' => 'audio/make',
'.g' => 'text/plain',
'.g3' => 'image/g3fax',
'.gif' => 'image/gif',
'.gl' => 'video/gl',
'.gl' => 'video/x-gl',
'.gsd' => 'audio/x-gsm',
'.gsm' => 'audio/x-gsm',
'.gsp' => 'application/x-gsp',
'.gss' => 'application/x-gss',
'.gtar' => 'application/x-gtar',
'.gz' => 'application/x-gzip',
'.gzip' => 'application/x-gzip',
'.h' => 'text/plain',
'.hdf' => 'application/x-hdf',
'.help' => 'application/x-helpfile',
'.hgl' => 'application/vnd.hp-hpgl',
'.hh' => 'text/plain',
'.hlb' => 'text/x-script',
'.hlp' => 'application/hlp',
'.hpg' => 'application/vnd.hp-hpgl',
'.hpgl' => 'application/vnd.hp-hpgl',
'.hqx' => 'application/binhex',
'.hta' => 'application/hta',
'.htc' => 'text/x-component',
'.htm' => 'text/html',
'.html' => 'text/html',
'.htmls' => 'text/html',
'.htt' => 'text/webviewhtml',
'.htx' => 'text/html',
'.ice' => 'x-conference/x-cooltalk',
'.ico' => 'image/x-icon',
'.idc' => 'text/plain',
'.ief' => 'image/ief',
'.iefs' => 'image/ief',
'.iges' => 'application/iges',
'.igs' => 'application/iges',
'.ima' => 'application/x-ima',
'.imap' => 'application/x-httpd-imap',
'.inf' => 'application/inf',
'.ins' => 'application/x-internett-signup',
'.ip' => 'application/x-ip2',
'.isu' => 'video/x-isvideo',
'.it' => 'audio/it',
'.iv' => 'application/x-inventor',
'.ivr' => 'i-world/i-vrml',
'.ivy' => 'application/x-livescreen',
'.jam' => 'audio/x-jam',
'.jav' => 'text/plain',
'.java' => 'text/plain',
'.jcm' => 'application/x-java-commerce',
'.jfif' => 'image/jpeg',
'.jfif-tbnl' => 'image/jpeg',
'.jpe' => 'image/jpeg',
'.jpeg' => 'image/jpeg',
'.jpg' => 'image/jpeg',
'.jps' => 'image/x-jps',
'.js' => 'application/x-javascript',
'.jut' => 'image/jutvision',
'.kar' => 'audio/midi',
'.ksh' => 'application/x-ksh',
'.la' => 'audio/nspaudio',
'.lam' => 'audio/x-liveaudio',
'.latex' => 'application/x-latex',
'.lha' => 'application/lha',
'.lha' => 'application/x-lha',
'.lhx' => 'application/octet-stream',
'.list' => 'text/plain',
'.lma' => 'audio/nspaudio',
'.lma' => 'audio/x-nspaudio',
'.log' => 'text/plain',
'.lsp' => 'application/x-lisp',
'.lsp' => 'text/x-script.lisp',
'.lst' => 'text/plain',
'.lsx' => 'text/x-la-asf',
'.ltx' => 'application/x-latex',
'.lzh' => 'application/x-lzh',
'.lzx' => 'application/x-lzx',
'.m' => 'text/plain',
'.m1v' => 'video/mpeg',
'.m2a' => 'audio/mpeg',
'.m2v' => 'video/mpeg',
'.m3u' => 'audio/x-mpequrl',
'.man' => 'application/x-troff-man',
'.map' => 'application/x-navimap',
'.mar' => 'text/plain',
'.mbd' => 'application/mbedlet',
'.mcd' => 'application/mcad',
'.mcf' => 'image/vasa',
'.mcp' => 'application/netmc',
'.me' => 'application/x-troff-me',
'.mht' => 'message/rfc822',
'.mhtml' => 'message/rfc822',
'.mid' => 'audio/midi',
'.midi' => 'audio/midi',
'.mif' => 'application/x-mif',
'.mime' => 'www/mime',
'.mjf' => 'audio/x-vnd.audioexplosion.mjuicemediafile',
'.mjpg' => 'video/x-motion-jpeg',
'.mm' => 'application/x-meme',
'.mme' => 'application/base64',
'.mod' => 'audio/mod',
'.moov' => 'video/quicktime',
'.mov' => 'video/quicktime',
'.movie' => 'video/x-sgi-movie',
'.mp2' => 'video/mpeg',
'.mp3' => 'audio/mpeg3',
'.mpa' => 'video/mpeg',
'.mpc' => 'application/x-project',
'.mpe' => 'video/mpeg',
'.mpeg' => 'video/mpeg',
'.mpg' => 'video/mpeg',
'.mpga' => 'audio/mpeg',
'.mpp' => 'application/vnd.ms-project',
'.mpt' => 'application/x-project',
'.mpv' => 'application/x-project',
'.mpx' => 'application/x-project',
'.mrc' => 'application/marc',
'.ms' => 'application/x-troff-ms',
'.mv' => 'video/x-sgi-movie',
'.my' => 'audio/make',
'.mzz' => 'application/x-vnd.audioexplosion.mzz',
'.nap' => 'image/naplps',
'.naplps' => 'image/naplps',
'.nc' => 'application/x-netcdf',
'.ncm' => 'application/vnd.nokia.configuration-message',
'.nif' => 'image/x-niff',
'.niff' => 'image/x-niff',
'.nix' => 'application/x-mix-transfer',
'.nsc' => 'application/x-conference',
'.nvd' => 'application/x-navidoc',
'.o' => 'application/octet-stream',
'.oda' => 'application/oda',
'.omc' => 'application/x-omc',
'.omcd' => 'application/x-omcdatamaker',
'.omcr' => 'application/x-omcregerator',
'.p' => 'text/x-pascal',
'.p10' => 'application/x-pkcs10',
'.p12' => 'application/x-pkcs12',
'.p7a' => 'application/x-pkcs7-signature',
'.p7c' => 'application/x-pkcs7-mime',
'.p7m' => 'application/x-pkcs7-mime',
'.p7r' => 'application/x-pkcs7-certreqresp',
'.p7s' => 'application/pkcs7-signature',
'.part' => 'application/pro',
'.pas' => 'text/pascal',
'.pbm' => 'image/x-portable-bitmap',
'.pcl' => 'application/x-pcl',
'.pct' => 'image/x-pict',
'.pcx' => 'image/x-pcx',
'.pdb' => 'chemical/x-pdb',
'.pdf' => 'application/pdf',
'.pfunk' => 'audio/make',
'.pgm' => 'image/x-portable-graymap',
'.pic' => 'image/pict',
'.pict' => 'image/pict',
'.pkg' => 'application/x-newton-compatible-pkg',
'.pko' => 'application/vnd.ms-pki.pko',
'.pl' => 'text/plain',
'.plx' => 'application/x-pixclscript',
'.pm' => 'image/x-xpixmap',
'.pm4' => 'application/x-pagemaker',
'.pm5' => 'application/x-pagemaker',
'.png' => 'image/png',
'.pnm' => 'application/x-portable-anymap',
'.pnm' => 'image/x-portable-anymap',
'.pot' => 'application/mspowerpoint',
'.pot' => 'application/vnd.ms-powerpoint',
'.pov' => 'model/x-pov',
'.ppa' => 'application/vnd.ms-powerpoint',
'.ppm' => 'image/x-portable-pixmap',
'.pps' => 'application/mspowerpoint',
'.ppt' => 'application/powerpoint',
'.ppz' => 'application/mspowerpoint',
'.pre' => 'application/x-freelance',
'.prt' => 'application/pro',
'.ps' => 'application/postscript',
'.psd' => 'application/octet-stream',
'.pvu' => 'paleovu/x-pv',
'.pwz' => 'application/vnd.ms-powerpoint',
'.py' => 'text/x-script.python',
'.pyc' => 'application/x-bytecode.python',
'.qcp' => 'audio/vnd.qcelp',
'.qd3' => 'x-world/x-3dmf',
'.qd3d' => 'x-world/x-3dmf',
'.qif' => 'image/x-quicktime',
'.qt' => 'video/quicktime',
'.qtc' => 'video/x-qtc',
'.qti' => 'image/x-quicktime',
'.qtif' => 'image/x-quicktime',
'.ra' => 'audio/x-realaudio',
'.ram' => 'audio/x-pn-realaudio',
'.rar' => 'application/rar',
'.ras' => 'image/cmu-raster',
'.rast' => 'image/cmu-raster',
'.rexx' => 'text/x-script.rexx',
'.rf' => 'image/vnd.rn-realflash',
'.rgb' => 'image/x-rgb',
'.rm' => 'audio/x-pn-realaudio',
'.rmi' => 'audio/mid',
'.rmm' => 'audio/x-pn-realaudio',
'.rmp' => 'audio/x-pn-realaudio',
'.rng' => 'application/ringing-tones',
'.rnx' => 'application/vnd.rn-realplayer',
'.roff' => 'application/x-troff',
'.rp' => 'image/vnd.rn-realpix',
'.rpm' => 'audio/x-pn-realaudio-plugin',
'.rt' => 'text/richtext',
'.rtf' => 'application/rtf',
'.rtx' => 'application/rtf',
'.rv' => 'video/vnd.rn-realvideo',
'.s' => 'text/x-asm',
'.s3m' => 'audio/s3m',
'.saveme' => 'application/octet-stream',
'.sbk' => 'application/x-tbook',
'.scm' => 'video/x-scm',
'.sdml' => 'text/plain',
'.sdp' => 'application/sdp',
'.sdr' => 'application/sounder',
'.sea' => 'application/sea',
'.set' => 'application/set',
'.sgm' => 'text/sgml',
'.sgml' => 'text/sgml',
'.sh' => 'application/x-sh',
'.shar' => 'application/x-shar',
'.shtml' => 'text/html',
'.shtml' => 'text/x-server-parsed-html',
'.sid' => 'audio/x-psid',
'.sit' => 'application/x-sit',
'.sit' => 'application/x-stuffit',
'.skd' => 'application/x-koan',
'.skm' => 'application/x-koan',
'.skp' => 'application/x-koan',
'.skt' => 'application/x-koan',
'.sl' => 'application/x-seelogo',
'.smi' => 'application/smil',
'.smil' => 'application/smil',
'.snd' => 'audio/basic',
'.snd' => 'audio/x-adpcm',
'.sol' => 'application/solids',
'.spc' => 'text/x-speech',
'.spl' => 'application/futuresplash',
'.spr' => 'application/x-sprite',
'.sprite' => 'application/x-sprite',
'.src' => 'application/x-wais-source',
'.ssi' => 'text/x-server-parsed-html',
'.ssm' => 'application/streamingmedia',
'.sst' => 'application/vnd.ms-pki.certstore',
'.step' => 'application/step',
'.stl' => 'application/sla',
'.stp' => 'application/step',
'.sv4cpio' => 'application/x-sv4cpio',
'.sv4crc' => 'application/x-sv4crc',
'.svf' => 'image/x-dwg',
'.swf' => 'application/x-shockwave-flash',
'.t' => 'application/x-troff',
'.talk' => 'text/x-speech',
'.tar' => 'application/x-tar',
'.tbk' => 'application/x-tbook',
'.tcl' => 'application/x-tcl',
'.tcsh' => 'text/x-script.tcsh',
'.tex' => 'application/x-tex',
'.texi' => 'application/x-texinfo',
'.texinfo' => 'application/x-texinfo',
'.text' => 'text/plain',
'.tgz' => 'application/tgz',
'.tif' => 'image/tiff',
'.tiff' => 'image/tiff',
'.tr' => 'application/x-troff',
'.tsi' => 'audio/tsp-audio',
'.tsp' => 'application/dsptype',
'.tsv' => 'text/tab-separated-values',
'.turbot' => 'image/florian',
'.txt' => 'text/plain',
'.uil' => 'text/x-uil',
'.uni' => 'text/uri-list',
'.unis' => 'text/uri-list',
'.unv' => 'application/i-deas',
'.uri' => 'text/uri-list',
'.uris' => 'text/uri-list',
'.ustar' => 'application/x-ustar',
'.uu' => 'application/octet-stream',
'.uue' => 'text/x-uuencode',
'.vcd' => 'application/x-cdlink',
'.vcs' => 'text/x-vcalendar',
'.vda' => 'application/vda',
'.vdo' => 'video/vdo',
'.vew' => 'application/groupwise',
'.viv' => 'video/vivo',
'.vivo' => 'video/vivo',
'.vmd' => 'application/vocaltec-media-desc',
'.vmf' => 'application/vocaltec-media-file',
'.voc' => 'audio/voc',
'.vos' => 'video/vosaic',
'.vox' => 'audio/voxware',
'.vqe' => 'audio/x-twinvq-plugin',
'.vqf' => 'audio/x-twinvq',
'.vql' => 'audio/x-twinvq-plugin',
'.vrml' => 'application/x-vrml',
'.vrt' => 'x-world/x-vrt',
'.vsd' => 'application/x-visio',
'.vst' => 'application/x-visio',
'.vsw' => 'application/x-visio',
'.w60' => 'application/wordperfect6.0',
'.w61' => 'application/wordperfect6.1',
'.w6w' => 'application/msword',
'.wav' => 'audio/wav',
'.wb1' => 'application/x-qpro',
'.wbmp' => 'image/vnd.wap.wbmp',
'.web' => 'application/vnd.xara',
'.wiz' => 'application/msword',
'.wk1' => 'application/x-123',
'.wmf' => 'windows/metafile',
'.wml' => 'text/vnd.wap.wml',
'.wmlc' => 'application/vnd.wap.wmlc',
'.wmls' => 'text/vnd.wap.wmlscript',
'.wmlsc' => 'application/vnd.wap.wmlscriptc',
'.word' => 'application/msword',
'.wp' => 'application/wordperfect',
'.wp5' => 'application/wordperfect',
'.wp6' => 'application/wordperfect',
'.wpd' => 'application/wordperfect',
'.wq1' => 'application/x-lotus',
'.wri' => 'application/x-wri',
'.wrl' => 'application/x-world',
'.wrz' => 'model/vrml',
'.wsc' => 'text/scriplet',
'.wsrc' => 'application/x-wais-source',
'.wtk' => 'application/x-wintalk',
'.xbm' => 'image/xbm',
'.xdr' => 'video/x-amt-demorun',
'.xgz' => 'xgl/drawing',
'.xif' => 'image/vnd.xiff',
'.xl' => 'application/excel',
'.xla' => 'application/excel',
'.xlb' => 'application/excel',
'.xlc' => 'application/excel',
'.xld' => 'application/excel',
'.xlk' => 'application/excel',
'.xll' => 'application/excel',
'.xlm' => 'application/excel',
'.xls' => 'application/excel',
'.xlt' => 'application/excel',
'.xlv' => 'application/excel',
'.xlw' => 'application/excel',
'.xm' => 'audio/xm',
'.xml' => 'text/xml',
'.xmz' => 'xgl/movie',
'.xpix' => 'application/x-vnd.ls-xpix',
'.xpm' => 'image/x-xpixmap',
'.xpm' => 'image/xpm',
'.x-png' => 'image/png',
'.xsr' => 'video/x-amt-showrun',
'.xwd' => 'image/x-xwd',
'.xyz' => 'chemical/x-pdb',
'.z' => 'application/x-compressed',
'.zip' => 'application/x-zip-compressed',
'.zoo' => 'application/octet-stream',
'.zsh' => 'text/x-script.zsh',
);
$ext = strtolower(strrchr($filename, '.'));
if(isset($mime[$ext]))
{
$type = $mime[$ext];
global $browser;
if ($browser == 'ie' || $browser == 'opera') { //You will need your own browser detector
$type = str_replace('application/octet-stream', 'application/octetstream', $type);
}
return $type;
}
else
{
return "text/plain";
}
}
In SPSubmitSave.php
Find:
Code:
$imageurl_name = $_FILES['site_image']['name'];
After add:
Code:
if (!eregi('image/', get_mime_content_type($imageurl_name))) die(_SP_CONFBANN);
That will stop bad image types
Then find:
Code:
if(move_uploaded_file($imageurl_temp, "modules/$module_name/images/supporters/$oid$ext")) {
After add:
Code:
list($width, $height, $type, $attr) = @getimagesize("modules/$module_name/images/supporters/$oid$ext");
if (empty($width) || empty($height)) {
unlink("modules/$module_name/images/supporters/$oid$ext");
include_once(NUKE_BASE_DIR.'header.php');
title(_SP_CONFBANN);
OpenTable();
echo "<center><strong>"._SP_NOUPLOAD."</strong></center><br />\n";
echo "<center>"._GOBACK."</center>";
CloseTable();
include_once(NUKE_BASE_DIR.'footer.php');
exit;
}
This will stop invalid images
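For the image-upload fix above, here is an added example that is not code from the thread or from DJMaze: a Python version of the same two-stage check. The first stage is an extension lookup which, like `get_mime_content_type()`, can only report what the file name claims; the second parses the actual image header the way the `getimagesize()` step does, so a file named `.gif` that does not contain a GIF is rejected. The file names and byte strings are constructed test inputs, only GIF, PNG and JPEG are recognised, and the PNG samples carry a zeroed CRC that this code does not check.

```python
import os
import struct

# Extension allowlist: the only types the upload handler should accept.
# Like the thread's get_mime_content_type(), this looks only at the file name.
IMAGE_EXT_MIME = {
    ".gif": "image/gif",
    ".png": "image/png",
    ".jpg": "image/jpeg",
    ".jpeg": "image/jpeg",
    ".jpe": "image/jpeg",
}

# JPEG "start of frame" markers that carry the image dimensions.
SOF_MARKERS = {0xC0, 0xC1, 0xC2, 0xC3, 0xC5, 0xC6, 0xC7,
               0xC9, 0xCA, 0xCB, 0xCD, 0xCE, 0xCF}


def extension_mime(filename):
    """MIME type implied by the extension, or None if it is not an allowed image type."""
    ext = os.path.splitext(filename)[1].lower()
    return IMAGE_EXT_MIME.get(ext)


def sniff_image(data):
    """Inspect the bytes themselves and return (mime, width, height), or None.

    This is the content check the thread adds with getimagesize(): a file whose
    extension says "image" but whose bytes do not parse as one fails here.
    """
    if data[:6] in (b"GIF87a", b"GIF89a") and len(data) >= 10:
        width, height = struct.unpack("<HH", data[6:10])   # GIF logical screen size
        return ("image/gif", width, height)
    if data[:8] == b"\x89PNG\r\n\x1a\n" and data[12:16] == b"IHDR" and len(data) >= 24:
        width, height = struct.unpack(">II", data[16:24])  # IHDR width/height
        return ("image/png", width, height)
    if data[:2] == b"\xff\xd8":
        pos = 2
        while pos + 4 <= len(data) and data[pos] == 0xFF:
            marker = data[pos + 1]
            if marker in (0xD9, 0xDA):          # EOI or SOS reached before any frame header
                break
            seg_len = struct.unpack(">H", data[pos + 2:pos + 4])[0]
            if marker in SOF_MARKERS and pos + 9 <= len(data):
                height, width = struct.unpack(">HH", data[pos + 5:pos + 9])
                return ("image/jpeg", width, height)
            pos += 2 + seg_len
        return ("image/jpeg", 0, 0)              # JPEG signature, but no usable frame header
    return None


def validate_upload(filename, data):
    """Return (accepted, reason). The name and the content must both say it is an image."""
    claimed = extension_mime(filename)
    if claimed is None:
        return (False, "extension not in image allowlist")
    sniffed = sniff_image(data)
    if sniffed is None:
        return (False, "content is not a recognised image format")
    mime, width, height = sniffed
    if mime != claimed:
        return (False, "content type %s does not match extension" % mime)
    if width == 0 or height == 0:
        return (False, "image has no usable dimensions")
    return (True, mime)


# Constructed test inputs (not real uploads): a 1x1 GIF, a PNG header with a 2x3 IHDR,
# a PNG header declaring zero width, a JPEG with JFIF and SOF0 segments declaring 7x5,
# and a PHP file that merely carries an image extension.
ONE_BY_ONE_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
                  b"!\xf9\x04\x01\x00\x00\x00\x00,\x00\x00\x00\x00\x01\x00\x01\x00\x00"
                  b"\x02\x02D\x01\x00;")
PNG_2X3_HEADER = (b"\x89PNG\r\n\x1a\n" + struct.pack(">I", 13) + b"IHDR"
                  + struct.pack(">II", 2, 3) + b"\x08\x06\x00\x00\x00" + b"\x00\x00\x00\x00")
PNG_ZERO_HEADER = (b"\x89PNG\r\n\x1a\n" + struct.pack(">I", 13) + b"IHDR"
                   + struct.pack(">II", 0, 3) + b"\x08\x06\x00\x00\x00" + b"\x00\x00\x00\x00")
JPEG_7X5 = (b"\xff\xd8"
            + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00"
            + struct.pack(">HH", 72, 72) + b"\x00\x00"
            + b"\xff\xc0" + struct.pack(">H", 11) + b"\x08" + struct.pack(">HH", 5, 7)
            + b"\x01\x01\x11\x00"
            + b"\xff\xd9")
SCRIPT_NAMED_AS_IMAGE = b"<?php echo 'not an image'; ?>"

if __name__ == "__main__":
    for name, blob in [("logo.gif", ONE_BY_ONE_GIF), ("banner.jpg", JPEG_7X5),
                       ("photo.png", JPEG_7X5), ("shell.gif", SCRIPT_NAMED_AS_IMAGE),
                       ("empty.png", PNG_ZERO_HEADER), ("notes.txt", b"hello")]:
        print(name, validate_upload(name, blob))
```

The point of the mismatch branch is the one the thread reaches the hard way: an extension table answers "what does this name claim to be", and only a parse of the bytes answers "what is this file". Keeping both checks, and requiring them to agree, is what the eregi test plus the getimagesize test achieve together in the PHP above.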
technocrat Involved Joined: Jul 07, 2005 Posts: 492
Posted:
Wed Apr 18, 2007 12:58 pm
Update:
Added a .htaccess file to the modules/Supporters/images folder with:
Code:
Order allow,deny
allow from all
<FilesMatch "\.php$">
deny from all
</FilesMatch>
Using evaders99 suggestions I changed the main .htaccess to be:
Code:
RewriteCond %{THE_REQUEST} (\?act\=) [NC,OR]
RewriteCond %{THE_REQUEST} (sql_login) [NC]
RewriteRule ^.*$ http://127.0.0.1/ [R=301,L]
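As an added illustration that is not code from the thread, here is a small Python harness that applies the rewrite conditions discussed above to constructed request lines, so you can see which requests each form of the rule actually catches: the original `%{QUERY_STRING} ^act\=(.*)` rule from the first working answer, and the `%{THE_REQUEST}` rules with `[NC,OR]` from the update just above. The request lines are made up; the regular expressions are the ones posted, and the harness assumes Python's `re` evaluates these simple patterns the same way Apache's PCRE engine does.

```python
import re
from urllib.parse import urlsplit

# Constructed request lines in the shape Apache exposes as %{THE_REQUEST}
# ("METHOD URI PROTOCOL"). None of these come from a real log.
SAMPLE_REQUESTS = [
    "GET /modules.php?name=Forums HTTP/1.1",                      # ordinary page
    "GET /modules/Supporters/images/upload.php?act=ls HTTP/1.1",  # script in the images folder
    "GET /index.php?act=Arcade HTTP/1.1",                         # hypothetical legitimate URL starting with act=
    "GET /modules.php?name=Arcade&act=play&id=12 HTTP/1.1",       # act= further along the query string
    "GET /modules.php?name=Your_Account&op=sql_login HTTP/1.1",   # second pattern from the update
    "GET /modules.php?ACT=ls HTTP/1.0",                           # upper-case: only the [NC] rule sees it
]

# Rule from the first working answer: %{QUERY_STRING} ^act\=(.*)  (no [NC], so case-sensitive).
QUERY_STRING_RULE = re.compile(r"^act\=(.*)")

# Rules from the update, chained with [OR]:
#   %{THE_REQUEST} (\?act\=) [NC,OR]
#   %{THE_REQUEST} (sql_login) [NC]
THE_REQUEST_RULES = [re.compile(r"(\?act\=)", re.IGNORECASE),
                     re.compile(r"(sql_login)", re.IGNORECASE)]


def query_string(request_line):
    """Return what Apache would put in %{QUERY_STRING} for this request line."""
    _method, uri, _protocol = request_line.split(" ", 2)
    return urlsplit(uri).query


def evaluate_request(request_line):
    """Return (blocked_by_query_string_rule, blocked_by_the_request_rules)."""
    qs_hit = QUERY_STRING_RULE.search(query_string(request_line)) is not None
    # RewriteCond lines joined with [OR] fire when any one of them matches.
    req_hit = any(rule.search(request_line) for rule in THE_REQUEST_RULES)
    return (qs_hit, req_hit)


def evaluate_all(request_lines):
    """Evaluate every sample and return a list of (request_line, qs_hit, req_hit)."""
    return [(line,) + evaluate_request(line) for line in request_lines]


if __name__ == "__main__":
    for line, qs_hit, req_hit in evaluate_all(SAMPLE_REQUESTS):
        print("QUERY_STRING=%-5s THE_REQUEST=%-5s %s" % (qs_hit, req_hit, line))
```

Two things the output makes concrete. A legitimate URL whose query string happens to begin with `act=` is redirected by both forms of the rule, which is the kind of collision reported for the arcade mod earlier in the thread, so any module that uses that parameter needs an exception before the rule goes live. And because `^act\=` is anchored and `\?act\=` requires the question mark, neither form matches `act=` when it follows another parameter; these rules are narrow signatures for the specific request shapes seen in the logs, not a complete block of the parameter, which is why the thread keeps layering them with the upload validation and the `FilesMatch` deny in the images folder.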
Steptoe Involved Joined: Oct 09, 2004 Posts: 288
Posted:
Tue Apr 24, 2007 1:26 am
Hi guys, haven't been around for a while..
Though that's your fault, the support and stuff, nothing goes wrong lol.
Anyway, this .htaccess thing..
I did get hacked the other day from Turkey, nothing serious, 8 mins and was up again...
This is what I have..
1/ My server is next to me, Apache on MS
2/ I access it from this machine on the LAN
3/ I figured out banning TR IPs... well, most of them; I just got a list of TR ISPs and TR telecom ranges and banned them in .htaccess.
This is what I would like to do... (tried different stuff but it either doesn't work or the server becomes inaccessible lol)
1/ I see how to ban access to file types... we need access to .php,
how does one do that yet ban just one file... e.g. admin.php
Yet allow access to it from 1 IP or IP range? ...e.g. LAN
2/ I use ip_tracking; one can see what modules are being visited, but it doesn't list admin.php..... is it possible to have this in the drop-down menu?
Cheers Steps
Oh PS, I became a Grandfather the other day... 9lb boy