-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess
216 lines (178 loc) · 7.31 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
##########################################################################
# PHP- Titanium v3.0.0 : Enhanced PHP-Nuke Web Portal System #
##########################################################################
# -------------------------------------------
# Comment this out if PHP is run as CGI
# -------------------------------------------
# PHP_FLAG register_globals On
# PHP_FLAG output_buffering On
Options All -Indexes
# -------------------------------------------
# Swap index.html index.php for html start page
# -------------------------------------------
DirectoryIndex index.php index.html
Options +FollowSymlinks
<IfModule mod_rewrite.c>
RewriteEngine on
AddHandler application/wasm-wasm .wasm
##################################################################################################
# Force SSL - no insecure data connections! ##### Added By Ernest Allen Buffington 08/05/2019
##################################################################################################
RewriteCond %{HTTPS} off
#RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}
# Use HTTP Strict Transport Security to force client to use secure connections only Header
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
##################################################################################################
# Force WWW - this is only needed for root domains... ##### Added By Ernest Allen Buffington 03/16/2021
##################################################################################################
RewriteCond %{HTTP_HOST} !=""
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
##################################################################################################
# -------------------------------------------
# Security Rewrites
# -------------------------------------------
#Redirect /proarcade.php /modules.php?name=Forums&file=proarcade
# -------------------------------------------
# Lazy Google Tap
# -------------------------------------------
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7&$8=$9 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7#$8 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5#$6 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3#$4 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3 [L]
RewriteRule ^86it-index.html#(.*)$ /index.php#$1 [L]
RewriteRule ^86it-index.html$ /index.php [L]
RewriteRule ^86it-(.*)\.html#(.*)$ /modules.php?name=$1#$2 [L]
RewriteRule ^86it-(.*)\.html$ /modules.php?name=$1 [L]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl
RewriteRule ^.*$ http://127.0.0.1 [R,L]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl/[0-9].[0-9]*
RewriteRule ^.*$ http://127.0.0.1 [R,L]
</IfModule>
# for hosts that don't allow the above, we won't give people anything to look at
<IfModule mod_autoindex.c>
IndexIgnore *
</IfModule>
# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .htaccess>
deny from all
</Files>
<Files .staccess>
deny from all
</Files>
# <Files admin.php>
# <Limit GET POST PUT>
# require valid-user
# </Limit>
# AuthName "Restricted"
# AuthType Basic
# AuthUserFile /PATH/TO/YOUR/.staccess
# </Files>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------
# Disable .htaccess viewing from browser
<files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</files>
# Vimeo
# Disable vconfig.php viewing from browser
<files ~ "\vconfig.php$">
deny from all
</files>
# 86it Network Config
# Disable nconfig.php viewing from browser
<files ~ "\nconfig.php$">
deny from all
</files>
# facebook Config
# Disable fbconfig.php viewing from browser
<files ~ "\fbconfig.php$">
deny from all
</files>
# Disable config.php viewing from browser
<files ~ "\config.php$">
deny from all
</files>
# deny most common except .php/.html
<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module|exe)$">
deny from all
</FilesMatch>
<FilesMatch "versions\feed.php">
allow from all
</FilesMatch>
<FilesMatch "versions\index.php">
allow from all
</FilesMatch>
# -------------------------------------------
# Setup caching
# -------------------------------------------
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A0
# Set up caching on media files for 1 year (forever?)
<FilesMatch "\.(ico|flv|pdf|mov|mp3|wmv|ppt)$">
ExpiresDefault A29030400
Header append Cache-Control "public"
</FilesMatch>
# Set up caching on media files for 1 week
<FilesMatch "\.(gif|jpg|jpeg|png|swf|bmp)$">
ExpiresDefault A604800
Header append Cache-Control "public"
</FilesMatch>
# Set up 2 Hour caching on commonly updated files
<FilesMatch "\.(xml|txt|html|js|css)$">
ExpiresDefault A7200
Header append Cache-Control "private, proxy-revalidate, must-revalidate"
</FilesMatch>
</IfModule>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------
# Banned Bad Bots
# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
php_flag display_errors On
php_value max_execution_time 5000
php_value max_input_time 5000
php_value max_input_vars 1000
php_value memory_limit 128M
php_value post_max_size 750M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php81"
php_value upload_max_filesize 750M
php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
php_flag display_errors On
php_value max_execution_time 5000
php_value max_input_time 5000
php_value max_input_vars 1000
php_value memory_limit 128M
php_value post_max_size 750M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php81"
php_value upload_max_filesize 750M
php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php81” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php81 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit