25 Nov

What is .htaccess?
I have just joined the sla.ckers web application security forum and found something particularly interesting from a post by jungsonn.
These rules catch common attack patterns carried in the URL, whether plain or URL-encoded, such as SQL injection, whitespace tricks, JavaScript injection, etc., and redirect the request to log.php, which then alerts you by email.
Add this to .htaccess of your web root directory:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\"|%22).*(\>|%3E|<|%3C).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (javascript:).*(\;).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (\;|\'|\"|\%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteRule (,|;|<|>|'|`) /log.php [NC]
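As an added check that is not part of the post (the short rule labels and the sample requests are this example's own), the Python script below applies the post's RewriteCond and RewriteRule patterns with the re module, so you can see which rule fires on a given request before deploying them; it also shows that the or|and|if alternatives flag benign input such as q="hello world".

```python
import re

# The four RewriteCond patterns and the path RewriteRule from the post above,
# as Python regexes ([NC] becomes re.IGNORECASE; for these patterns Apache's
# PCRE syntax and Python's re agree).  The short rule names are this
# example's own labels, not part of the post.
QUERY_RULES = [
    ("quote-then-angle", r'(\"|%22).*(\>|%3E|<|%3C).*'),
    ("script-tag",       r'(\<|%3C).*script.*(\>|%3E)'),
    ("javascript-uri",   r'(javascript:).*(\;).*'),
    ("sql-keyword",      r"(\;|\'|\"|\%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).*"),
]
COMPILED_QUERY_RULES = [(name, re.compile(p, re.IGNORECASE)) for name, p in QUERY_RULES]
PATH_RULE = re.compile(r"(,|;|<|>|'|`)", re.IGNORECASE)


def matching_rules(query_string):
    """Names of the RewriteCond rules that fire on a raw query string.

    Apache tests %{QUERY_STRING} undecoded, so encoded forms such as %22
    and %3C are matched literally, exactly as the patterns spell them.
    """
    return [name for name, rx in COMPILED_QUERY_RULES if rx.search(query_string)]


def would_redirect(path, query_string):
    """True if the rule set would rewrite this request to log.php: either a
    query-string condition fires or the bare RewriteRule on the path does."""
    return bool(matching_rules(query_string)) or bool(PATH_RULE.search(path))


if __name__ == "__main__":
    # Constructed sample requests: two hostile probes, two benign requests.
    samples = [
        ("/index.php", "q=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"),  # encoded XSS probe
        ("/item.php", "id=1'%20or%20'1'='1"),                         # classic SQLi probe
        ("/search.php", 'q="hello world"'),                            # benign: "or" inside "world"
        ("/index.php", "page=2"),                                      # benign
    ]
    for path, qs in samples:
        print(f"{path}?{qs:45} -> redirect={would_redirect(path, qs)} rules={matching_rules(qs)}")
```

The benign search for "hello world" is redirected to log.php because the fourth condition only needs a quote followed anywhere later by the letters "or"; expect a steady stream of such alerts on any site that accepts quoted text.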
Create log.php in the web root directory and add the following. Adjust the email address accordingly (admin@site.com) and don’t forget the PHP tags:
I hope you implement this, and if you have any more .htaccess hacks, please leave them in the comments. I look forward to my future ventures at the sla.ckers forum. Don’t forget to check out the ha.ckers site as well.
Tags: .htaccess, Security, Web development

November 27th, 2007 at 4:29 am
Shouldn’t you sanitize the user agent, etc???
November 27th, 2007 at 10:39 am
I am open to suggestions. Feel free to add to it.
July 24th, 2008 at 2:51 pm
[...] too complicated for you? Try the simple .htaccess intrusion detection system. [...]