Prevent htaccess From Hack 3

Securing directories: Remove the ability to execute scripts

Here are a couple of different ways I do it:
code:
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI


This is cool: you are basically categorizing all the files that end in those extensions so that they fall under the jurisdiction of the -ExecCGI option, which also means -FollowSymLinks (and the opposite is also true: +ExecCGI also turns on +FollowSymLinks).

Only allow GET and PUT request methods to your server.
code:
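# mod_rewrite in .htaccess needs FollowSymLinks, so re-enable it after -All
Options -ExecCGI -Indexes -All +FollowSymLinks
RewriteEngine on
# Answer 403 Forbidden to TRACE, TRACK, OPTIONS and HEAD requests
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
RewriteRule .* - [F]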
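
The rules above are a denylist, so it helps to check which methods they still let through. The following Python sketch is an added example, not part of the original article: it reads the REQUEST_METHOD condition and its [F] rule and lists what passes, next to a constructed allowlist variant. The probed method list, `ALLOWLIST_RULES`, and the use of Python's `re` in place of Apache's PCRE are assumptions of this example.

```python
import re

# Methods probed by this example (an assumption; extend as needed).
METHODS = ["GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE", "TRACK", "PATCH"]

# The denylist rules as printed on the page (condition and rule fused on one line).
PAGE_RULES = "RewriteEngine on\nRewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD) RewriteRule .* - [F]\n"

# Constructed for comparison: an allowlist matching the heading "GET and PUT only".
ALLOWLIST_RULES = "RewriteEngine on\nRewriteCond %{REQUEST_METHOD} !^(GET|PUT)$\nRewriteRule ^ - [F]\n"

COND_RE = re.compile(r"RewriteCond[ \t]+%\{REQUEST_METHOD\}[ \t]+(!?)(\S+)(?:[ \t]+\[([^\]]*)\])?", re.I)
RULE_RE = re.compile(r"RewriteRule[ \t]+\S+[ \t]+-[ \t]+\[([^\]]*)\]", re.I)


def _flags(text):
    """Split a flag list such as "F,L" into an upper-cased set."""
    return {f.strip().upper() for f in (text or "").split(",") if f.strip()}


def forbidden_methods(htaccess):
    """Methods rejected by a REQUEST_METHOD RewriteCond followed by an [F] rule.

    Covers only the simple shape used on this page (one condition, then one
    rule with substitution "-"); Python's re stands in for Apache's PCRE.
    """
    events = [(m.start(), "cond", m) for m in COND_RE.finditer(htaccess)]
    events += [(m.start(), "rule", m) for m in RULE_RE.finditer(htaccess)]
    blocked, pending = set(), None
    for _, kind, m in sorted(events, key=lambda e: e[0]):
        if kind == "cond":
            nocase = re.I if "NC" in _flags(m.group(3)) else 0
            pending = (m.group(1) == "!", re.compile(m.group(2), nocase))
        elif pending is not None:
            negated, rx = pending
            if _flags(m.group(1)) & {"F", "FORBIDDEN"}:
                # A condition holds when the match result differs from the negation.
                blocked |= {x for x in METHODS if bool(rx.search(x)) != negated}
            pending = None
    return blocked


def still_allowed(htaccess):
    """Probed methods that pass through the rules, in METHODS order."""
    blocked = forbidden_methods(htaccess)
    return [m for m in METHODS if m not in blocked]


if __name__ == "__main__":
    print("page denylist lets through:", still_allowed(PAGE_RULES))
    print("allowlist lets through:    ", still_allowed(ALLOWLIST_RULES))
```

Run against the page's rules, POST, DELETE and PATCH remain reachable; only the allowlist form restricts the server to GET and PUT.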


Process all GIF files through a CGI script
code:
Action image/gif /cgi-bin/filter.cgi


Process request/file depending on the request method
code:
Script PUT /cgi-bin/upload.cgi


Force files to download instead of being displayed in the browser
code:
AddType application/octet-stream .avi
AddType application/octet-stream .mpg

Then in your HTML you can just link directly to the file:
code:
<a href="/movies/mov1.avi">Download Movie1</a>

And then you will get a pop-up box asking whether you want to save the file or open it.

Show the source of dynamic files

If you'd rather have .pl, .py, or .cgi files displayed in the browser as source rather than be executed as scripts, simply create a .htaccess file in the relevant directory with the following:
code:

RemoveHandler cgi-script .pl .py .cgi


Dramatically speed up your site by implementing caching!
code:
# MONTH
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|swf)$">
Header set Cache-Control "max-age=2592000"
</FilesMatch>

# WEEK
<FilesMatch "\.(js|css|pdf|txt)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>

# 12 HOURS
<FilesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=43200"
</FilesMatch>


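Prevent image/file hotlinking and bandwidth stealing
code:
# Let requests with an empty Referer through
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?askapache.com/.*$ [NC]
# Do not redirect the replacement image itself, or a hotlinked request loops
RewriteCond %{REQUEST_URI} !/legal\.gif$
RewriteRule \.(gif|jpg|swf|flv|png)$ http://www.askapache.com/legal.gif [R=302,L]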


ErrorDocuments
code:
ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php


You can also do an external link, but don't do an external link to your site or you will cause a loop that will hurt your SEO.
