|
|
|
# Standard Declaration Procedures for Imeji System
|
|
|
|
ErrorDocument 403 /public/403.php
|
|
|
|
ErrorDocument 404 /public/404.php
|
|
|
|
IndexOptions +FancyIndexing
|
|
|
|
IndexIgnore *
|
|
|
|
|
|
|
|
# HTTPS Redirection
|
|
|
|
RewriteEngine On
|
|
|
|
RewriteCond %{HTTPS} off
|
|
|
|
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
|
|
|
|
|
|
|
# Hackerbots Prevention
|
|
|
|
RewriteEngine on
|
|
|
|
RewriteCond %{HTTP_USER_AGENT} ^ZmEu [OR]
|
|
|
|
RewriteCond %{HTTP_USER_AGENT} (.*)Msqq(.*)
|
|
|
|
RewriteRule .* http://www.urbandictionary.com/define.php?term=fuck+you [R=301,L]
|
|
|
|
|
|
|
|
# Prevent public access to the logs, requires login through HTTPS
|
|
|
|
<FilesMatch "(logs.php|uploads.log)$">
|
|
|
|
SSLOptions +StrictRequire
|
|
|
|
SSLRequireSSL
|
|
|
|
SSLRequire %{HTTP_HOST} eq "%{HTTP_HOST}%{REQUEST_URI}"
|
|
|
|
ErrorDocument 403 https://%{HTTP_HOST}%{REQUEST_URI}
|
|
|
|
AuthType Basic
|
|
|
|
AuthName "Restricted Area"
|
|
|
|
AuthUserFile /var/www/passes/imeji/.htpasswd
|
|
|
|
Require valid-user
|
|
|
|
</FilesMatch>
|
|
|
|
|
|
|
|
# Allow linking asset elemets across subdomains
|
|
|
|
<IfModule mod_headers.c>
|
|
|
|
Header set Access-Control-Allow-Origin "*"
|
|
|
|
</IfModule>
|
|
|
|
|