scottybcoder.86it.us/.htaccess at main · scottybcoder/scottybcoder.86it.us · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
##########################################################################
# PHP- Titanium v3.0.0 : Enhanced PHP-Nuke Web Portal System             #
##########################################################################

# -------------------------------------------
# Comment this out if PHP is run as CGI
# -------------------------------------------

# PHP_FLAG register_globals On
# PHP_FLAG output_buffering On

Options All -Indexes
# -------------------------------------------
# Swap index.html index.php for html start page
# -------------------------------------------
DirectoryIndex index.php index.html

Options +FollowSymlinks
<IfModule mod_rewrite.c>
RewriteEngine on
AddHandler application/wasm-wasm .wasm

##################################################################################################
# Force SSL - no insecure data connections!                                                      ##### Added By Ernest Allen Buffington 08/05/2019
##################################################################################################
RewriteCond %{HTTPS} off
#RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}

# Use HTTP Strict Transport Security to force client to use secure connections only Header
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

##################################################################################################
# Force WWW - this is only needed for root domains...                                            ##### Added By Ernest Allen Buffington 03/16/2021
##################################################################################################
RewriteCond %{HTTP_HOST} !=""
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
##################################################################################################

# -------------------------------------------
# Security Rewrites
# -------------------------------------------
Redirect /proarcade.php /modules.php?name=Forums&file=proarcade

# -------------------------------------------
# Lazy Google Tap
# -------------------------------------------

RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7&$8=$9 [L]

RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7#$8 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5&$6=$7 [L]

RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3&$4=$5#$6 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3&$4=$5 [L]

RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html#(.*)$ /modules.php?name=$1&$2=$3#$4 [L]
RewriteRule ^86it-(.*)_-_(.*)_-_(.*)\.html$ /modules.php?name=$1&$2=$3 [L]

RewriteRule ^86it-index.html#(.*)$ /index.php#$1 [L]
RewriteRule ^86it-index.html$ /index.php [L]

RewriteRule ^86it-(.*)\.html#(.*)$ /modules.php?name=$1#$2 [L]
RewriteRule ^86it-(.*)\.html$ /modules.php?name=$1 [L]

RewriteCond %{HTTP_USER_AGENT} ^libwww-perl
RewriteRule ^.*$ http://127.0.0.1 [R,L]

RewriteCond %{HTTP_USER_AGENT} ^libwww-perl/[0-9].[0-9]*
RewriteRule ^.*$ http://127.0.0.1 [R,L]
</IfModule>

# for hosts that don't allow the above, we won't give people anything to look at
<IfModule mod_autoindex.c>
 IndexIgnore *
</IfModule>


# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .htaccess>
  deny from all
</Files>

<Files .staccess>
  deny from all
</Files>

# <Files admin.php>
#    <Limit GET POST PUT>
#      require valid-user
#    </Limit>
#    AuthName "Restricted"
#    AuthType Basic
#    AuthUserFile /PATH/TO/YOUR/.staccess
# </Files>
# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------

# Disable .htaccess viewing from browser
<files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</files>

# Network Titanium SDK v5
# Disable fbconfig.php viewing from browser
<files ~ "\nconfig.php$">
    deny from all
</files>

# facebook Titanium SDK v5
# Disable fbconfig.php viewing from browser
<files ~ "\fbconfig.php$">
    deny from all
</files>

# Disable config.php viewing from browser
<files ~ "\config.php$">
    deny from all
</files>

# deny most common except .php/.html
<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module|exe)$">
deny from all
</FilesMatch>

<FilesMatch "versions\feed.php">
  allow from all
</FilesMatch>
<FilesMatch "versions\index.php">
  allow from all
</FilesMatch>

# -------------------------------------------
# Setup caching
# -------------------------------------------

<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A0

# Set up caching on media files for 1 year (forever?)
<FilesMatch "\.(ico|flv|pdf|mov|mp3|wmv|ppt)$">
  ExpiresDefault A29030400
  Header append Cache-Control "public"
</FilesMatch>

# Set up caching on media files for 1 week
<FilesMatch "\.(gif|jpg|jpeg|png|swf|bmp)$">
ExpiresDefault A604800
Header append Cache-Control "public"
</FilesMatch>

# Set up 2 Hour caching on commonly updated files
<FilesMatch "\.(xml|txt|html|js|css)$">
  ExpiresDefault A7200
  Header append Cache-Control "private, proxy-revalidate, must-revalidate"
</FilesMatch>
</IfModule>

# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------

# Banned Bad Bots

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit