
Joomla!

######## Begin - PHP Handler
#AddHandler x-httpd-php .php
#### PHP 5.2 Handler
#AddHandler x-httpd-php5 .php
#### PHP 5.3 Handler
#AddHandler x-httpd-php53 .php
######## End - PHP Handler
 
######## Begin - default character set
#AddDefaultCharset utf-8
######## End - default character set
 
######## Begin - Entity Tags
# Build ETags from modification time and file size only. Leaving out the
# INode component keeps filesystem inode numbers out of response headers.
FileETag MTime Size
######## End - Entity Tags
 
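######## Begin - Expires
# Expiry lifetimes for static files, applied only when mod_expires is loaded.
# .php is deliberately not listed: the SEF section of this file routes every
# Joomla! page through index.php, including pages rendered for logged-in
# users, and a one-year lifetime on that output would let browsers and
# intermediate caches keep replaying a stale or personalised response.
# Dynamic output keeps whatever caching headers the application sends.
<IfModule mod_expires.c>
  ExpiresActive On
  <FilesMatch "\.(ico|css|js)$">
    ExpiresDefault "access plus 14 days"
  </FilesMatch>
  <FilesMatch "\.(bmp|gif|jpg|jpeg|png|flv|swf|mp3|mp4|ttf|woff|svg)$">
    ExpiresDefault "access plus 7 days"
  </FilesMatch>
  <FilesMatch "\.(xml|txt|feed)$">
    ExpiresDefault "access plus 7 days"
  </FilesMatch>
  # Static HTML files only; see the note above about PHP.
  <FilesMatch "\.(htm|html|xhtml)$">
    ExpiresDefault "access plus 365 days"
  </FilesMatch>
</IfModule>
######## End - Expires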
 
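######## Begin - Cache Control
# Cache-Control for static files, applied only when mod_headers is loaded.
# "Header set" replaces any Cache-Control value the response already carries,
# so it must not match PHP: the SEF section of this file serves every Joomla!
# page through index.php, and marking that output "public" with a one-year
# max-age would allow shared caches to store and replay pages generated for
# an authenticated session. Dynamic output keeps the application's own headers.
<IfModule mod_headers.c>
 <FilesMatch "\.(ico|css|js)$">
  Header set Cache-Control "max-age=1209600, public"
 </FilesMatch>
 <FilesMatch "\.(bmp|gif|jpg|jpeg|png|flv|swf|mp3|mp4|ttf|woff|svg)$">
  Header set Cache-Control "max-age=604800, public"
 </FilesMatch>
 <FilesMatch "\.(xml|txt|feed)$">
  Header set Cache-Control "max-age=604800, public, must-revalidate"
 </FilesMatch>
 # Static HTML files only; see the note above about PHP.
 <FilesMatch "\.(htm|html|xhtml)$">
  Header set Cache-Control "max-age=31536000, public, must-revalidate"
 </FilesMatch>
</IfModule>
######## End - Cache Control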
 
######## Begin - Gzip
# Compress text responses with the deflate output filter.
# NOTE(review): this directive is not wrapped in <IfModule>; if the module
# providing it or the deflate filter is not loaded, the whole .htaccess may
# fail to parse and every request would return an error - confirm the
# modules are available on the target host.
# Compressing pages that both reflect request input and contain secrets
# (for example anti-CSRF tokens) can leak those secrets through response-size
# differences; keep that in mind when adding further content types here.
AddOutputFilterByType deflate text/html text/plain text/css text/javascript application/javascript application/x-javascript application/rss+xml
######## End - Gzip
 
######## Begin - Main Stuff
# IndexIgnore * hides every entry from generated directory listings; it is a
# second layer behind "Options -Indexes", which disables the listings outright.
IndexIgnore *
# Enables mod_rewrite for all rule sections further down in this file.
RewriteEngine On
# Removes the server-generated footer line from error pages. It does not
# change the Server response header; that is controlled from the main server
# configuration, not from .htaccess.
ServerSignature Off
Options -Indexes
# mod_rewrite in per-directory context needs FollowSymLinks (or
# SymLinksIfOwnerMatch). On shared hosting, SymLinksIfOwnerMatch is the
# stricter choice because it refuses links that point at another owner's files.
Options +FollowSymLinks
######## End - Main Stuff
 
######## Begin - RewriteBase
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
####
#RewriteBase /
######## End - RewriteBase
 
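######## Begin - Filter Request-Methods
# Rejects a request with 406 when ANY of the conditions below matches
# (the conditions are chained with [OR]):
#   - the method is TRACE, DELETE or TRACK
#   - the Referer or Cookie header contains <, >, an apostrophe, or an
#     encoded CR / LF / apostrophe / < / > / NUL
#   - the raw request line contains a literal "\r" or "\n" sequence or an
#     encoded CR / LF
#   - the path starts with an unusual character directly after the first "/"
#
# The copy of this file that circulated had typographic quotes in the Referer,
# Cookie and REQUEST_URI patterns. Those only match the typographic characters
# themselves, so the intended ASCII apostrophe and double-quote checks never
# fired; they are restored to ASCII here. Cookies that legitimately carry a
# raw apostrophe will now be rejected - check application cookies before
# deploying.
#
# NOTE(review): for TRACE, "TraceEnable Off" in the main server configuration
# is the direct control; treat the method condition here as a fallback.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{HTTP_REFERER} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{THE_REQUEST} (\\r|\\n|%0A|%0D) [NC,OR]
RewriteCond %{HTTP_COOKIE} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999} [NC]
RewriteRule ^(.*)$ - [R=406,L]
######## End - Filter Request-Methods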
 
######## Begin - Block User-Agents
# Active behaviour: requests with an empty User-Agent header get a 406.
# The commented-out conditions are optional name-based blocks. To enable any
# of them, the "^$" condition below must also receive an [OR] flag; without
# it the conditions are ANDed and an empty User-Agent can never match a
# name pattern, so the rule would stop firing altogether.
# User-Agent is client-supplied, so this is noise reduction, not access control.
RewriteCond %{HTTP_USER_AGENT} ^$
#RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget) [NC,OR]
#RewriteCond %{HTTP_USER_AGENT} (winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
#RewriteCond %{HTTP_USER_AGENT} (libwww-perl|curl|wget|python|nikto|scan) [NC,OR]
# (typographic quote in the pasted copy replaced with an ASCII apostrophe)
#RewriteCond %{HTTP_USER_AGENT} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC]
RewriteRule ^(.*)$ - [R=406,L]
######## End - Block User-Agents
 
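######## Begin - QUERY_STRING Exploits
# Rejects a request with 406 when the query string matches ANY condition:
#   1. contains "%0" (covers encoded NUL, tab, LF, CR), "127.0", "localhost"
#      or "loopback"
#   2. contains a parenthesis, <, >, a quote, "?", "*" or "%%"
#   3. contains a quote / bracket / encoded control character followed later
#      by an SQL keyword
#   4. ends in "environ", optionally followed by a percent escape
#   5. contains <, >, an apostrophe or their encoded forms
#
# Conditions 3 and 5 carried typographic quotes in the pasted copy; they are
# restored to the ASCII apostrophe and double quote. Condition 2 already
# rejects both ASCII quotes anywhere in the query string, so this makes the
# patterns say what they mean without widening what is blocked.
#
# These patterns are broad: condition 2 alone rejects any query string with a
# parenthesis or a second "?". Expect false positives for search forms and
# extensions that pass such characters, and treat the filter as a supplement
# to input validation in the application, not a replacement for it.
RewriteCond %{QUERY_STRING} ^.*(%0|127\.0|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|'|"|\?|\*|%%|&%%|&"|").* [NC,OR]
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\(|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|benchmark|cast|declare|drop|group|insert|into|limit|md5|select|set|truncate|union|update|where) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(/)?environ(\%[0-9A-Z]{0,2})?$ [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC]
RewriteRule ^(.*)$ - [R=406,L]
######## End - QUERY_STRING Exploits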
 
######## Begin - HTTP(S)-FTP(S)-GENERAL File injection protection by sebastiangrinke.info
# Domain (domain.tld) - IPv4 (127.0.0.1) - IPv6 (2001:0db8:85a3:0000:0000:8a2e:0370:7334)
####
# Rejects GET requests whose query string has a parameter value that is
#   - an http/https/ftp/ftps URL (host given as name, IPv4 or IPv6 literal), or
#   - a relative path made of "./" or "../" segments, or
#   - an absolute path (third pattern).
# Evaluation is: method matches GET AND (any of the three [OR] conditions).
# Requests using other methods are not inspected here, even when they carry
# a query string.
# NOTE(review): the third pattern accepts only ONE character per path segment
# ("[a-z0-9_.]" followed by one or two slashes), so a value such as "/a/b/"
# matches but a value with multi-character segments does not - confirm whether
# "[a-z0-9_.]+" was intended.
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-z0-9_]=.*(http|ftp)(s)?://(.*:.*@)?(ftp\.)?.*(\.[a-z]{1,255}|([0-9]{1,3}\.){3}[0-9]{1,3}|([0-9a-f]{0,4}:){4,7}[0-9a-f]{0,4})(:[0-9]{1,5})?/.* [NC,OR]
RewriteCond %{QUERY_STRING} [a-z0-9_]=((\./|\.\./)/?)+ [NC,OR]
RewriteCond %{QUERY_STRING} [a-z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule ^(.*)$ - [R=406,L]
######## End - HTTP(S)-FTP(S)-GENERAL File injection protection
 
######## Begin - PHP Easter Eggs protection by sebastiangrinke.info
# PHP Easter Eggs (can be used in fingerprinting attacks to get the server's PHP version).
# Have a look at http://www.0php.com/php_easter_egg.php or http://osvdb.org/12184
####
# Rejects any query string containing "PHP" followed by a GUID-shaped hex
# value (8-4-4-4-12 hex digits), optionally preceded by "=".
# Setting "expose_php = Off" in php.ini addresses the same disclosure at the
# source; this rule covers hosts where php.ini cannot be changed.
RewriteCond %{QUERY_STRING} (=)?PHP[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12} [NC]
RewriteRule ^(.*)$ - [R=406,L]
######## End - PHP Easter Eggs protection
 
######## Begin - Rewrite rules to block out some common exploits
#### Begin - Deny access to extension xml files
# Optional, disabled by default. Order/Deny/Satisfy is Apache 2.2 access
# control syntax; on Apache 2.4 it needs mod_access_compat, or the block
# should use "Require all denied" instead.
#<Files ~ "\.xml$">
# Order allow,deny
# Deny from all
# Satisfy all
#</Files>
#### End - Deny access to extension xml files
# Answer 404 for informational files (changelog, readme, phpinfo, ...) that
# reveal version or configuration details. The pattern is anchored with "^",
# so it covers only files in the directory holding this .htaccess; copies in
# subdirectories are not matched.
RewriteRule ^(changelog|configuration|copyright|credits|htaccess|install|license(s)?|phpinfo|readme|web\.config)\.(php(-dist)?|txt)$ - [NC,R=404,L]
# The conditions below belong to the single RewriteRule that follows them and
# reject the request with 406 when the query string
#   - sets tp=, template= or templateStyle=
#   - contains a <script> or <iframe> tag, raw or with encoded angle brackets
#   - calls base64_encode/base64_decode/count/concat/floor/rand with parentheses
#   - sets a mosConfig_* variable
#   - references GLOBALS or _REQUEST
RewriteCond %{QUERY_STRING} ^(.*&)?(tp|template(Style)?)=(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*(script|iframe).*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (base64_(en|de)code|count|concat|floor|rand).*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-z_]{1,21}(=|\%3D) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9a-z]{0,2}) [NC,OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9a-z]{0,2}) [NC]
# With a non-redirect status in R=, mod_rewrite drops the substitution, so
# "index.php" here has the same effect as the "-" used by the other rules.
RewriteRule ^(.*)$ index.php [R=406,L]
######## End - Rewrite rules to block out some common exploits
 
######## Begin - Joomla! core SEF Section
# Front-controller routing: a request that is not an existing file or
# directory, is not already /index.php, and ends in one of the listed
# suffixes (or has no extension) is handed to index.php.
# NOTE(review): the "!^/index\.php" test assumes the site lives at the web
# root; in a subdirectory install the URI starts with that directory - confirm
# together with RewriteBase.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
# No [L] on purpose: processing continues to the next rule.
RewriteRule (.*) index.php
# Unconditional (the conditions above apply only to the rule before this one):
# copies the Authorization request header into the HTTP_AUTHORIZATION
# environment variable and ends rule processing.
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
######## End - Joomla! core SEF Section
 
######## Begin - Error Stuff
# Replace the default error bodies with short fixed strings so the pages
# carry no server-generated detail. Only the body text changes: the HTTP
# status code on the wire stays 401, 403, 404, 406 or 500, so a client that
# reads the status line can still tell a blocked request (406) from a missing
# page (404) even though both bodies say "404 Not Found!".
ErrorDocument 401 "404 Not Found!"
ErrorDocument 403 "404 Not Found!"
ErrorDocument 404 "404 Not Found!"
ErrorDocument 406 "404 Not Found!"
ErrorDocument 500 "Internal Server Error!"
######## End - Error Stuff 
