41 lines
1.2 KiB
Plaintext
41 lines
1.2 KiB
Plaintext
server.modules += ( "mod_redirect" )
|
|
|
|
#PREVENTING EXPLOITS
|
|
$HTTP["querystring"] =~ "base64_encode[^(]*\([^)]*\)" {
|
|
url.redirect = (".*" => "/index.php" )
|
|
}
|
|
$HTTP["querystring"] =~ "(<|%3C)([^s]*s)+cript.*(>|%3E)" {
|
|
url.redirect = (".*" => "/index.php" )
|
|
}
|
|
$HTTP["querystring"] =~ "GLOBALS(=|\[|\%[0-9A-Z])" {
|
|
url.redirect = (".*" => "/index.php" )
|
|
}
|
|
$HTTP["querystring"] =~ "_REQUEST(=|\[|\%[0-9A-Z])" {
|
|
url.redirect = (".*" => "/index.php" )
|
|
}
|
|
|
|
#REROUTING TO THE INDEX PAGE
|
|
url.rewrite-if-not-file = (
|
|
"^/(.*)$" => "/index.php?$1"
|
|
)
|
|
|
|
#IMPROVING SECURITY
|
|
$HTTP["url"] =~ "^/(LICENSE\.txt|composer\.json|composer\.lock|nginx\.conf|web\.config)$" {
|
|
url.access-deny = ("")
|
|
}
|
|
$HTTP["url"] =~ "^/(\.git|cache|bin|logs|backup|tests)/(.*)" {
|
|
url.access-deny = ("")
|
|
}
|
|
$HTTP["url"] =~ "^/(system|user|vendor)/(.*)\.(txt|md|html|htm|shtml|shtm|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|twig|sh|bat)$" {
|
|
url.access-deny = ("")
|
|
}
|
|
$HTTP["url"] =~ "^/(\.(.*))" {
|
|
url.access-deny = ("")
|
|
}
|
|
url.access-deny += (".md","~",".inc")
|
|
|
|
#PREVENT BROWSING AND SET INDEXES
|
|
$HTTP["url"] =~ "^/grav_path($|/)" {
|
|
index-file.names = ( "index.php", "index.html" , "index.htm" )
|
|
}
|