richardK,
1) My httpd.conf looks like this ...
# Enable mod_rewrite for the main server and log its decisions.
# NOTE(review): mod_rewrite configuration in the main server is not inherited by
# virtual hosts. The default site shown later in this post is a <VirtualHost *>,
# so these rules only apply there if that vhost has its own "RewriteEngine On"
# plus "RewriteOptions Inherit" (or the rules are placed inside the vhost).
RewriteEngine On
# RewriteLog / RewriteLogLevel are Apache 2.2 directives.
RewriteLog /var/log/apache2/rewrite.log
# NOTE(review): level 9 is a debugging setting; it slows the server noticeably and,
# at the higher levels, writes the strings tested by each RewriteCond to the log
# (presumably including the Cookie header tested below - confirm). Lower it once
# the rules work and keep the log file readable by root only.
RewriteLogLevel 9
# is this required?
# FollowSymLinks is needed for rewrite rules in per-directory context (.htaccess
# or <Directory>); rules placed at server level, as here, do not depend on it.
Options +FollowSymLinks
#
# Refuse (403) any request whose URL path matches one of the three patterns below.
# NOTE(review): the first alternation contains a bare "/". REQUEST_URI always begins
# with "/", so this condition matches every request and, where these rules are in
# effect, the [F] rule below forbids the whole site. The "/" alternative looks
# unintended - confirm and remove it.
# NOTE(review): "\\r" and "\\n" match a literal backslash followed by r or n, not a
# CR/LF byte. REQUEST_URI is presumably already URL-decoded at this point, so
# %0A, %27 etc. would only match double-encoded input - verify against the log.
RewriteCond %{REQUEST_URI} ^.*(,|;|:|<|>|">|"<|/|\\\.\.\\|\\r).*$ [NC,OR]
RewriteCond %{REQUEST_URI} ^.*(\=|\@|\[|\]|\^|\`|\{|\}|\~|\\n).*$ [NC,OR]
RewriteCond %{REQUEST_URI} ^.*(\'|%0A|%0D|%27|%3C|%3E|%00).*$ [NC]
# "-" means no substitution; [F] answers 403 Forbidden.
RewriteRule ^(.*)$ - [F]
# Three rule groups that redirect unwanted requests, keyed on the request line
# (THE_REQUEST = method, URL and protocol) and on the User-Agent header.
# NOTE(review): all three RewriteRules use ${REMOTE_ADDR}. "${...}" is RewriteMap
# lookup syntax (${mapname:key}); server variables are written %{REMOTE_ADDR}.
# As written the target is not replaced by the client address. A plain "- [F]"
# would reject these requests without depending on any expansion.
# these extensions
# NOTE(review): the pattern is unanchored, so any request line containing the
# letters "bs", "php" or "dll" anywhere matches (e.g. a path such as /jobs.html).
# Anchor on the extension, e.g. \.(php|dll)(\?|\ ), if that is the intent.
RewriteCond %{THE_REQUEST} ^.*(bs|php|dll).*$ [NC]
RewriteRule ^(.*)$ http://${REMOTE_ADDR}/ [R]
#
# NOTE(review): "!" only negates a CondPattern when it is the first character.
# Here it follows "^", so it is a literal "!" and the condition never matches a
# real request line. The intended form is probably !^(POST|GET)\ / - note that
# this would also reject HEAD requests.
RewriteCond %{THE_REQUEST} ^!(POST\ /|GET\ /).*$ [NC,OR]
# NOTE(review): "\\xc9" matches the literal text \xc9 (as printed in an access
# log), presumably not the raw byte 0xC9 sent on the wire - confirm.
RewriteCond %{THE_REQUEST} ^.*(\\xc9\\xc9).*$ [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(/mail/|/roundcube/|/user/).*$ [NC,OR]
# Matches these words anywhere in the request line, including the query string.
RewriteCond %{THE_REQUEST} ^.*(_vti_bin|w00tw00t|google|proxyfire).*$ [NC]
RewriteRule ^(.*)$ http://${REMOTE_ADDR}/ [R]
# stop these agents
RewriteCond %{HTTP_USER_AGENT} ^.*(Morfeus|Fucking|Toata).*$ [NC,OR]
# A User-Agent consisting of a single "-".
RewriteCond %{HTTP_USER_AGENT} ^\-$ [NC]
RewriteRule ^(.*)$ http://${REMOTE_ADDR}/ [R]
# Refuse (403) requests with suspicious Referer or Cookie header values.
# these referrers
# NOTE(review): the mod_rewrite variable is HTTP_REFERER (one "R", following the
# HTTP header's own spelling). HTTP_REFERRER is not a known variable and
# presumably expands to an empty string, so none of the four conditions below
# can match - confirm in the rewrite log and correct the name.
RewriteCond %{HTTP_REFERRER} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
# NOTE(review): in "(-|.)" the dot is unescaped and matches any character, so
# these reduce to "the word appears somewhere after http://". Use (-|\.) if a
# literal dot was meant.
RewriteCond %{HTTP_REFERRER} ^http://(www\.)?.*(-|.)?adult(-|.).*$ [NC,OR]
RewriteCond %{HTTP_REFERRER} ^http://(www\.)?.*(-|.)?poker(-|.).*$ [NC,OR]
RewriteCond %{HTTP_REFERRER} ^http://(www\.)?.*(-|.)?SPAM(-|.).*$ [NC]
RewriteRule ^(.*)$ - [F]
# cookie exploits
# Rejects cookies containing angle brackets, a single quote, or the listed
# percent-encoded sequences as literal text.
# NOTE(review): this is a character blacklist on a client-controlled header; the
# application must still validate and encode cookie values itself.
RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0a|%0D|%27|%3C|%3E|%00).* [NC]
RewriteRule ^(.*)$ - [F]
# Refuse (403) requests by User-Agent substring, then by query-string content.
# user agents
# An empty User-Agent is rejected.
RewriteCond %{HTTP_USER_AGENT} ^$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).*$ [NC,OR]
# NOTE(review): these are unanchored substrings of a header the client chooses.
# They cut log noise from unsophisticated tools but are not an access control,
# and short words such as "email", "scan", "grab" or "curl" will also reject
# legitimate monitoring and API clients.
RewriteCond %{HTTP_USER_AGENT} ^.*(HTTrack|clshttp|archiver|loader|email|nikto|miner|python).*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|libwww\-perl|curl|wget|harvest|scan|grab|extract).*$ [NC]
RewriteRule ^(.*)$ - [F]
# Query-string filter: loopback references, special characters, SQL keywords.
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).*$ [NC,OR]
# NOTE(review): "\." rejects any query string containing a dot (file names,
# e-mail addresses, decimal numbers); expect false positives.
RewriteCond %{QUERY_STRING} ^.*(\.|\*|;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*$ [NC,OR]
# NOTE(review): the keywords match as substrings, so benign parameters such as
# "offset" (contains "set") or "dropdown" (contains "drop") are refused. A keyword
# blacklist does not replace parameterised queries in the application; treat it
# as noise reduction only.
RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).*$ [NC]
RewriteRule ^(.*)$ - [F]
# allow ServerSideIncludes to show date for the folder only
# NOTE(review): "Options Includes" also enables the SSI "exec" element. Showing a
# date only needs "Options IncludesNOEXEC", which parses SSI without allowing
# command or CGI execution from .shtml files.
# NOTE(review): without a leading +/- this Options line replaces the inherited
# options rather than adding to them.
# NOTE(review): "AllowOverride All" lets any .htaccess under these directories
# change the configuration; if anything can write files into this tree, prefer
# "AllowOverride None". The default site file later in this post has its own
# <Directory /var/www/camera/> section with "AllowOverride none" - decide which
# of the two is meant to win.
# The "/*" wildcard presumably limits this section to subdirectories of camera/.
<Directory /var/www/camera/*>
AllowOverride All
Options Includes
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</Directory>
2. This is what my /etc/apache2/sites-enabled/default site file looks like ...
# Default (catch-all) virtual host serving /var/www/.
# NOTE(review): RewriteCond/RewriteRule lines in the main httpd.conf are not
# inherited by a virtual host. For them to apply to this site, add
# "RewriteEngine On" and "RewriteOptions Inherit" inside this <VirtualHost>,
# or move the rules here.
NameVirtualHost *
<VirtualHost *>
ServerAdmin xxxxxxxxxx@gmail.com
DocumentRoot /var/www/
# Deny the whole filesystem by default; later sections open specific trees.
<Directory />
Options +FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
<Directory /var/www/>
# NOTE(review): "Indexes" produces a directory listing wherever no index file
# exists under the document root; drop it unless listings are wanted.
Options Indexes FollowSymLinks MultiViews
# NOTE(review): AllowOverride needs an argument (All, None, or a list of
# directive types such as AuthConfig or FileInfo). "All" lets every .htaccess
# under /var/www/ change the configuration; prefer "None", or the narrowest
# list that works, unless .htaccess files are really needed.
AllowOverride
# With "Order allow,deny" the Deny lines are evaluated last and override
# "Allow from all" for matching clients.
Order allow,deny
Allow from all
# A partial address: blocks every client whose address starts with 61.
Deny from 61
Deny from 76.120.153.220
# Deny from 192.168.1.1
</Directory>
<Directory /var/www/camera/>
# NOTE(review): "Includes" permits the SSI "exec" element; "IncludesNOEXEC"
# is enough for displaying a date.
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride none
Order allow,deny
Allow from all
AddType text/html shtml
AddHandler server-parsed shtml
</Directory>
<Directory /var/www/test/>
Options FollowSymLinks
# NOTE(review): a test tree that is reachable from everywhere with full
# .htaccess override - restrict by address or remove when not in use.
AllowOverride all
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
# Removes the version footer from server-generated pages. The Server response
# header is controlled separately by ServerTokens in the main configuration.
ServerSignature Off
Alias /doc/ "/usr/share/doc/"
# Package documentation is reachable from the loopback addresses only.
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
I will change the line 'AllowOverride' above to 'AllowOverride All' in the DEFAULT site file.
Thanks,
Rich
Rich