PDA

Voir la version complète : Sécuriser un site via htaccess

esf
04/02/2008, 21h27
Un exemple de code placé à la racine d'un site (forum).

Vous pouvez personnaliser le fichier mais conserver les lib libwww-perl, wget et python.urllib... très utilisés par certains russes... Les autres useragents peuvent être supprimés si vous trouvez que le htaccess ralentit votre site.

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} acoi [NC,OR]
RewriteCond %{HTTP_USER_AGENT} anon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} asptear [NC,OR]
RewriteCond %{HTTP_USER_AGENT} bandit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} cache [NC,OR]
RewriteCond %{HTTP_USER_AGENT} cj.spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} collect [NC,OR]
RewriteCond %{HTTP_USER_AGENT} combine [NC,OR]
RewriteCond %{HTTP_USER_AGENT} control [NC,OR]
RewriteCond %{HTTP_USER_AGENT} contrpl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} contype [NC,OR]
RewriteCond %{HTTP_USER_AGENT} copier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} copy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dnload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} download [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dsns [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dts.agent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ecatch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} email [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} filehound [NC,OR]
RewriteCond %{HTTP_USER_AGENT} flashget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} frontpage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ftp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fuck [NC,OR]
RewriteCond %{HTTP_USER_AGENT} getright [NC,OR]
RewriteCond %{HTTP_USER_AGENT} getter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} go.zilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} go.ahead.got.it [NC,OR]
RewriteCond %{HTTP_USER_AGENT} grab [NC,OR]
RewriteCond %{HTTP_USER_AGENT} grub.client [NC,OR]
RewriteCond %{HTTP_USER_AGENT} httpget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} httrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} hyperspin [NC,OR]
RewriteCond %{HTTP_USER_AGENT} installshield.digitalwizard [NC,OR]
RewriteCond %{HTTP_USER_AGENT} internetseer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jobo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} konqueror [NC,OR]
RewriteCond %{HTTP_USER_AGENT} leech [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} lwp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} mailto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} mister.pix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} moozilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} netants [NC,OR]
RewriteCond %{HTTP_USER_AGENT} newt [NC,OR]
RewriteCond %{HTTP_USER_AGENT} offline [NC,OR]
RewriteCond %{HTTP_USER_AGENT} oliverperry [NC,OR]
RewriteCond %{HTTP_USER_AGENT} pavuk [NC,OR]
RewriteCond %{HTTP_USER_AGENT} picture [NC,OR]
RewriteCond %{HTTP_USER_AGENT} pingalink [NC,OR]
RewriteCond %{HTTP_USER_AGENT} publish [NC,OR]
RewriteCond %{HTTP_USER_AGENT} python.urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} registry.verify [NC,OR]
RewriteCond %{HTTP_USER_AGENT} scan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} snag [NC,OR]
RewriteCond %{HTTP_USER_AGENT} softwing [NC,OR]
RewriteCond %{HTTP_USER_AGENT} strip [NC,OR]
RewriteCond %{HTTP_USER_AGENT} stamina [NC,OR]
RewriteCond %{HTTP_USER_AGENT} surveybot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} teleport [NC,OR]
RewriteCond %{HTTP_USER_AGENT} t.h.u.n.d.e.r.s.t.o.n.e [NC,OR]
RewriteCond %{HTTP_USER_AGENT} turnitinbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} udmsearch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webcollage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webfilter.robot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webinator [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webreaper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webwasher [NC,OR]
RewriteCond %{HTTP_USER_AGENT} wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} wildsoft [NC,OR]
RewriteCond %{HTTP_USER_AGENT} wwwoffle [NC,OR]
RewriteCond %{HTTP_USER_AGENT} zip [NC]
RewriteRule ^.* - [F]

<Files 403.shtml>
order allow,deny
allow from all
</Files>

Source: http://www.levrah.net/support.mv?resw=800+type=faq_hosting
Ombre
05/02/2008, 04h35
Slt, merci pour cet exemple que je n'appelle pas trop un tutoriel par contre... une petite question, pourquoi vouloir empêcher yahoo d'indexer le forum?
esf
05/02/2008, 07h50
- J'ai posté ici sans trop réfléchir, déplacez-le si vous le jugez approprié.
- J'ai supprimé la partie Yahoo. Contrairement à Google, les robots de Yahoo utilisent plusieurs IPs pour indexer les pages d'un site (forum). Sur un forum avec une base de grande taille, ces robots peuvent surcharger un serveur.

Un peu plus d'explications ici: SpamCop Discussion s latest Bot attacks (http://forum.spamcop.net/forums/lofiversion/index.php/t8442.html)
gael
05/02/2008, 08h55
Quel est le but de ce code ?
esf
05/02/2008, 09h01
Protéger ton site (forum) contre les robots qui scannent les failles de sécurité dans les applications.

Détails: ici (http://www.webrankinfo.com/forums/viewtopic_64945.htm) et là (http://www.webrankinfo.com/forums/viewtopic_85154.htm)