apache_conf 针对.htaccess的安全调整片段。
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了apache_conf 针对.htaccess的安全调整片段。相关的知识,希望对你有一定的参考价值。
# Deny access to include files.
<Files ~ "\.inc$">
Order Allow,Deny
Deny from All
</Files>
# Deny access to hidden files.
RedirectMatch 403 /\..*$
# Deny access to folders.
Options +ExecCGI +FollowSymLinks -MultiViews -Indexes
<IfModule mod_headers.c>
# Prevent MIME based attacks.
Header set X-Content-Type-Options "nosniff"
# Disallow iframes of your website on other sites.
Header set X-Frame-Options "sameorigin"
# Cross-Site-Scripting Protection
Header set X-XSS-Protection "1; mode=block"
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
# Prevent image hotlinking.
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^(.*)://example.com(.*) [NC]
RewriteCond %{HTTP_REFERER} !^(.*)://(.*).example.com(.*) [NC]
RewriteCond %{HTTP_REFERER} %{REMOTE_ADDR}
RewriteRule \.(jpe?g|png|svg|gif|bmp|js|css)$ - [F,L]
# Enforce HTTPS/SSL.
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
以上是关于apache_conf 针对.htaccess的安全调整片段。的主要内容,如果未能解决你的问题,请参考以下文章
apache_conf Bot Block .htaccess #htaccess #botblock
apache_conf 通过.htaccess(主.htaccess)保护wordpress网站
apache_conf [linux:.htaccess] apache的htaccess说明。 #linux #apache
apache_conf Seguridad .htaccess
apache_conf htaccess的
apache_conf 重定向htaccess