cl-mod-rewrite/files/htaccess_restrictive.txt

################################################################################
# ConLite AMR plugin restrictive rewrite rules set.
#
# Contains strict rules, each rewrite exclusion must be set manually.
# - Exclude requests to directories usage/, conlite/, setup/, cms/upload/
# - Exclude requests to cms/front_content.php, cms/dbfs.php
# - Pass thru requests to common ressources (pictures, movies, js, css, pdf)
#
# @version    1.0.0
# @author     Ortwin Pinke <ortwin.pinke@php-backoffice.de>
# @author     Murat Purc <murat@purc.de>
# @copyright  2019 ConLite Team
# @link       http://www.conlite.org
#
# Versions before 1.0 copyright 4fb, author Murat Purc
#
# $Id: htaccess_restrictive.txt 145 2019-10-25 16:00:47Z oldperl $
################################################################################

<IfModule mod_rewrite.c>

    # Enable rewrite engine
    RewriteEngine on

    # Specify a base URL-path for the rules
    RewriteBase /cms

    # Catch some common exploits in query string to get rid of them.
    # NOTE: Conditions to prevent protocols (ftp, http[s]) in query string could
    #       be a disadvantage in some cases.
    RewriteCond %{QUERY_STRING} contenido_path=.*$  [NC,OR]
    RewriteCond %{QUERY_STRING} cfg\[path\]=.*$  [NC,OR]
    RewriteCond %{QUERY_STRING} _PHPLIB\[libdir\]=.*$  [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} ftp://.*$  [NC,OR]
    RewriteCond %{QUERY_STRING} http[s]*://.*$ [NC]
    RewriteRule ^.* - [F,L]  # all matching conditions from above will end in nirvana

    # Exclude some files and directories from rewriting
    RewriteRule ^usage/.*$ - [L]
    RewriteRule ^conlite/.*$ - [L]
    RewriteRule ^setup/.*$ - [L]
    RewriteRule ^cms/upload/.*$ - [L]
    RewriteRule ^cms/test/.*$ - [L]
    RewriteRule ^cms/front_content.php.*$ - [L]
    RewriteRule ^cms/dbfs.php.*$ - [L]

    # Exclude common extensions from rewriting and pass remaining requests to
    # front_content.php.
    RewriteRule !\.(avi|css|doc|flv|gif|gzip|ico|jpeg|jpg|js|mov|mp3|pdf|png|ppt|rar|svg|swf|txt|wav|wmv|xml|zip)$ front_content.php [NC,QSA,L]

</IfModule>

# Some rules to compress files.
# NOTE: Following settings are not mod rewrite specific, but enabling mod_deflate
#       for some file types can help to reduce bandwith.
<IfModule mod_deflate.c>
    <FilesMatch "\.(js|css|html|htm|php|xml)$">
        SetOutputFilter DEFLATE
    </FilesMatch>
</IfModule>
init files 2019-11-04 15:57:28 +00:00			`################################################################################`
			`# ConLite AMR plugin restrictive rewrite rules set.`
			`#`
			`# Contains strict rules, each rewrite exclusion must be set manually.`
			`# - Exclude requests to directories usage/, conlite/, setup/, cms/upload/`
			`# - Exclude requests to cms/front_content.php, cms/dbfs.php`
			`# - Pass thru requests to common ressources (pictures, movies, js, css, pdf)`
			`#`
			`# @version 1.0.0`
			`# @author Ortwin Pinke <ortwin.pinke@php-backoffice.de>`
			`# @author Murat Purc <murat@purc.de>`
			`# @copyright 2019 ConLite Team`
			`# @link http://www.conlite.org`
			`#`
			`# Versions before 1.0 copyright 4fb, author Murat Purc`
			`#`
			`# $Id: htaccess_restrictive.txt 145 2019-10-25 16:00:47Z oldperl $`
			`################################################################################`

			`<IfModule mod_rewrite.c>`

			`# Enable rewrite engine`
			`RewriteEngine on`

			`# Specify a base URL-path for the rules`
			`RewriteBase /cms`

			`# Catch some common exploits in query string to get rid of them.`
			`# NOTE: Conditions to prevent protocols (ftp, http[s]) in query string could`
			`# be a disadvantage in some cases.`
			`RewriteCond %{QUERY_STRING} contenido_path=.*$ [NC,OR]`
			`RewriteCond %{QUERY_STRING} cfg\[path\]=.*$ [NC,OR]`
			`RewriteCond %{QUERY_STRING} _PHPLIB\[libdir\]=.*$ [NC,OR]`
			`RewriteCond %{QUERY_STRING} (\<\|%3C).script.(\>\|%3E) [NC,OR]`
			`RewriteCond %{QUERY_STRING} ftp://.*$ [NC,OR]`
			`RewriteCond %{QUERY_STRING} http[s]://.$ [NC]`
			`RewriteRule ^.* - [F,L] # all matching conditions from above will end in nirvana`

			`# Exclude some files and directories from rewriting`
			`RewriteRule ^usage/.*$ - [L]`
			`RewriteRule ^conlite/.*$ - [L]`
			`RewriteRule ^setup/.*$ - [L]`
			`RewriteRule ^cms/upload/.*$ - [L]`
			`RewriteRule ^cms/test/.*$ - [L]`
			`RewriteRule ^cms/front_content.php.*$ - [L]`
			`RewriteRule ^cms/dbfs.php.*$ - [L]`

			`# Exclude common extensions from rewriting and pass remaining requests to`
			`# front_content.php.`
			`RewriteRule !\.(avi\|css\|doc\|flv\|gif\|gzip\|ico\|jpeg\|jpg\|js\|mov\|mp3\|pdf\|png\|ppt\|rar\|svg\|swf\|txt\|wav\|wmv\|xml\|zip)$ front_content.php [NC,QSA,L]`

			`</IfModule>`

			`# Some rules to compress files.`
			`# NOTE: Following settings are not mod rewrite specific, but enabling mod_deflate`
			`# for some file types can help to reduce bandwith.`
			`<IfModule mod_deflate.c>`
			`<FilesMatch "\.(js\|css\|html\|htm\|php\|xml)$">`
			`SetOutputFilter DEFLATE`
			`</FilesMatch>`
			`</IfModule>`