Please review this .htaccess

Started by macsimoin, July 02, 2006, 05:33:23 AM

macsimoin

I'm stuck with having a webhost and the server my site is on uses .htaccess in the root directory, so I made this file and uploaded it:


<Files 403.shtml>
order allow,deny
allow from all
</Files>

#
#  mod_rewrite in use
#

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^Konqueror [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
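RewriteCond %{HTTP_USER_AGENT} ^Zeus
# Refuse the user agents matched above with 403 Forbidden. Without this rule
# the conditions would attach to the index.php RewriteRule further down.
RewriteRule ^.* - [F,L]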


#
#  Rules
#

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php

deny from 213.176.126.205
deny from 155.207.
deny from 155.207.1.23
deny from 195.251.25.37
deny from 147.102.222.210
deny from 155.207.1.25
deny from 220.181.26.110
deny from 221.148.44.
deny from 221.48.
deny from 221.148.44.82
deny from 155.207.131.48
deny from 63.247.136.230
deny from 63.247.134.182
deny from 63.247.128.10
deny from 209.66.100.34
deny from 203.19.70.5
deny from 69.25.202.95
deny from 69.20.74.244
deny from 207.178.248.86
deny from 69.0.160.232
deny from 209.237.226.237
deny from cialis.
deny from www.cialis.
deny from www.hismeds.
deny from hismeds.
deny from online-casinos.
deny from personal-loans.
deny from texas-hold-em-poker.
deny from credit-card.
deny from hold-em-poker.
deny from www.levitra-cialis-rx.
deny from internet-poker.
deny from clonazepam.
deny from loans.ps2cool.
deny from www.cheat-elite.
deny from poker-online.
deny from poker-tournaments.
deny from online-poker.
deny from texas-hold-em.
deny from .crescentarian.net
deny from .yelucie.com
deny from texas-holdem.
deny from empire-poker.
deny from craps.
deny from online-casino.
deny from buy-viagra-online.
deny from www.nutzu.com
deny from www.highprofitclub.com
deny from free-online-poker.
deny from www.doobu.com
deny from online-poker.rohkalby.net
deny from www.texas-hold-em-1999.com
deny from buy-phentermine.ro7kalbe.com
deny from slot-machines.
deny from casinos.vinhas.net
deny from texas-hold-em.wslp24.com
deny from payday-loan.conjuratia.com
deny from www.e-poker-2005.com
deny from poker-chip-sets.
deny from winning-poker-hands.
deny from slot-machine-for-sale.
deny from .e-top-pharmacy.
deny from texas-hold-em.zindagi.us
deny from empire-poker.
deny from .zindagi.us
deny from www-hto.usc.edu
deny from .generic-online.info
deny from .pillsfarm.com
deny from .phx.gbl.
deny from .gbl.
deny from .zakona.net
deny from .seducetips.com
deny from .findteam.com
deny from .autoclan.com
deny from .ebanon.com
deny from .upindex.com
deny from .loan4.org
deny from .w3.
deny from .libwww.


Does it look okay?

Stramm

No clue what you need the REQUEST_FILENAME part for. Usually it's used to redirect to a file if key files get called, e.g.
RewriteCond %{REQUEST_FILENAME} /oldsite.html
RewriteRule (.*) /newindex.php [L]


The rest looks OK to me at first view (no debugging of course, hehehe).
However, I don't see much sense in having such a huge htaccess. Most of the 'bad' bots usually mask themselves as Mozilla or similar. So you won't block a single one.

The deny from part: it looks like you think you block traffic from certain websites. No, that's not the case. You block certain users' IP addresses or their ISPs with that. You can't block a referrer's IP this way.

More efficient would be to write a plugin that does some logging for all the IPs accessing your site. If an IP clicks too often in some timeframe (opens too many sites/images), it gets blocked for 10-15 minutes.
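
The per-IP logging and temporary block suggested in the last reply, sketched in Python as an added example; it is not part of the original thread and is not Coppermine plugin code. The names `TempBlocker`, `replay` and `sample_events`, the thresholds (30 hits per 60 seconds, 15-minute block) and the sample addresses are assumptions made for the illustration.

```python
from collections import defaultdict, deque

class TempBlocker:
    """Per-IP sliding-window counter with a temporary block (hypothetical helper)."""

    def __init__(self, max_hits=30, window=60, block_for=900):
        self.max_hits = max_hits        # requests allowed inside one window (assumed)
        self.window = window            # window length in seconds (assumed)
        self.block_for = block_for      # block length in seconds, here 15 minutes
        self.hits = defaultdict(deque)  # ip -> timestamps of recent requests
        self.blocked_until = {}         # ip -> time at which the block expires

    def allow(self, ip, now):
        """Record one request at time `now`; return False if it must be refused."""
        until = self.blocked_until.get(ip)
        if until is not None:
            if now < until:
                return False            # refused hits do not extend the block
            del self.blocked_until[ip]  # block expired, start counting again
        recent = self.hits[ip]
        while recent and recent[0] <= now - self.window:
            recent.popleft()            # forget requests older than the window
        recent.append(now)
        if len(recent) > self.max_hits:
            self.blocked_until[ip] = now + self.block_for
            recent.clear()
            return False
        return True

def replay(events, **limits):
    """Run (timestamp, ip) pairs through a TempBlocker; return refusals per IP."""
    blocker = TempBlocker(**limits)
    refused = defaultdict(int)
    for ts, ip in sorted(events):
        if not blocker.allow(ip, ts):
            refused[ip] += 1
    return dict(refused)

def sample_events():
    """Constructed traffic: one ordinary visitor and one fast image grabber."""
    visitor = [(t, "192.0.2.10") for t in range(0, 600, 10)]    # 1 hit / 10 s
    grabber = [(i // 5, "198.51.100.7") for i in range(100)]    # 5 hits / s
    comeback = [(1000, "198.51.100.7")]                         # after the block
    return visitor + grabber + comeback

if __name__ == "__main__":
    print(replay(sample_events()))  # {'198.51.100.7': 70}
```

The decision depends only on request rate, so it still catches a grabber that sends a Mozilla user agent. State is kept in memory here; a plugin would have to store it somewhere that survives between requests.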