Tag Archives: Linux How to

Unix Similar multi-user operating systems based on the Linux kernel and essentially on GNU software. Like CentOS, Debian, Ubuntu Fedora.

Howto Tutorials (EN)

Apache htaccess can protect suspicious sources

Home
Leave a comment

To prevent access from suspicious sources using an.htaccessfile, you can utilize several techniques. This post will show you how to employ a few methods to protect your web site by using Apache htaccess.

How to protect from suspicious sources by using Apache htaccess

how to protect from suspicious sources by using Apache htaccess

Block IP Addresses:
The Apache htaccess file is a hidden file that is stored in the directory for which it is intended to control access. You can block specific IP addresses or a range of IP addresses using the following code in your.htaccessfile:

Order deny,allow
Deny from 192.168.1.10
Deny from 192.168.1.0/24

Replace the IP addresses with the ones you want to block. You can specify individual IP addresses or use CIDR notation for a range of addresses.

Block IP Ranges:
If you want to block an entire IP range, you can use the following code:

Order deny,allow
Deny from 192.168.0.0/16

This example blocks all IP addresses starting with192.168.

Block by Hostname:
If you want to block access based on the hostname, you can add the following code into Apache htaccess:

RewriteEngine On
RewriteCond %{HTTP_HOST} example\.com [NC]
RewriteRule .* - [F]

Replace example.com with the hostname you want to block.

Block Bad User Agents:
You can block specific user agents (browsers, bots, etc.) using the following code:

SetEnvIfNoCase User-Agent "UserAgentName" bad_user
Deny from env=bad_user

Replace "UserAgentName" with the name or part of the name of the user agent you want to block.

Here are some known suspicious bad user agents integrated into Apache htaccess using RewriteCond %{HTTP_USER_AGENT}

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} "PleaseCrawl" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^BlackWidow" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SearchmetricsBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SeznamBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Snoopy" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Sogou" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "URI\:\:Fetch" [NC,OR]
RewriteRule ^.* - [F,L]

Furthermore well-known abuse agents for htaccess you can find here.

Collected bad user agents and bad bots find at Hackrepair’s Pastebin.

Redirect Suspicious Requests:
If you prefer to redirect suspicious requests instead of blocking them, you can use the following code:

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^203\.0\.113\.24$
RewriteRule ^(.*)$ http://example.com/suspicious [R=301,L]

This example redirects any request from the IP address 123.45.67.89 to http://example.com/suspicious

Block access to files:
If you want to block access based on files you can use this code:

<files xmlrpc.php>
      <IfModule mod_authz_core.c>
            Require all denied
      </IfModule>
      <IfModule !mod_authz_core.c>
            Order allow,deny
            Deny from all
      </IfModule>
</files>

This example prevent access to wordpres XML-RPC.

Filter Suspicious Query Strings:
If you want to prevent access based on filter you can use this code in Apache htaccess:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
    RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
    RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(127\.0).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC]
    RewriteCond %{QUERY_STRING} !^loggedout=true
    RewriteCond %{QUERY_STRING} !^action=jetpack-sso
    RewriteCond %{QUERY_STRING} !^action=rp
    RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
    RewriteCond %{HTTP_REFERER} !^http://maps\.googleapis\.com(.*)$
    RewriteRule ^.* - [F]
</IfModule>

Remember to test these rules carefully and ensure they don’t accidentally block legitimate traffic. Additionally, make sure you have a backup of your.htaccessfile before making any changes.

Howto Tutorials (EN)

Insert text lines before the first line of a file

Home
Leave a comment

When editing text files, sometime we need insert lines before the first line in files using the Linux shell. Text lines from one file to another file are often appended at the end. If text lines are to be inserted at the beginning of a file, this article shows this as follows.

Insert text lines before the first line of a file in Terminal Shell

How to insert text lines to the first line in file

The command sed can be used to format and insert text, sed – stream editor provide the options for this, with in-place (-i) and (i) for insert text.

$ sed -i '1 i\insert this before' file.txt

Insert text line before, the following command does the same thing.

$ sed -i '1i insert this before' file.txt

Multiple text lines can also be inserted at the top.

$ sed -i '1i first line\nsecond line\nthird line' file.txt

If you want the contents of a file to be at the top of another desired file. Being insert the text lines before at the top with perform this command.

$ printf '%s\n' '0r file.1st' x | ex file.2nd

This will open file.2nd in ex (Vim in Ex mode), read in the full contents of the file.1st at the top, and then save the modified buffer back to file.2nd.

In this example, the file.1st has the following content.

first line
second line
third line

The second file has the following content.

fourth line
fifth line
sixth line

after merging the file.2nd has this content.

first line
second line
third line
fourth line
fifth line
sixth line

  Another simple approach is to rename the original filename to say file.tmp and using cat to append with >> to filename1 then rename filename1 back to filename.

Conclusion

This post describes how to. When editing text files, you can insert text lines before at the beginning of a file. Lines of text from one file to another are often appended at the end. However, if the content to be added at the top, this is explained in a few steps here. It’s always worth trying, and have fun trying it out.