GET/POST Security with .htaccess

The rules below block some common exploit attempts that pass malicious values through the URL. Each condition is matched against the request's query string.
Add the code to your /public_html/.htaccess file:

# GET/POST Security with .htaccess
Options +FollowSymLinks
RewriteEngine On
#
# Block out any script trying to set a mosConfig value through the URL (Joomla)
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Answer all blocked requests with a '403 Forbidden' error.
RewriteRule ^(.*)$ index.php [F,L]
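
To check what these conditions catch before deploying them, the following added example (not part of the original article) replays the five patterns against constructed query strings, using Python's `re` as a stand-in for Apache's regex engine. The function names and sample strings are assumptions made for illustration; the last sample shows that a harmless search term can also trigger a rule.

```python
import re

# Patterns taken from the RewriteCond lines above. [NC] maps to re.IGNORECASE.
# RewriteCond patterns are unanchored, so search() is used rather than match().
RULES = [
    ("mosConfig", r"mosConfig_[a-zA-Z_]{1,21}(=|\%3D)", 0),
    ("base64_encode", r"base64_encode.*\(.*\)", 0),
    # script-tag condition: "<" or %3C ... script ... ">" or %3E, case-insensitive
    ("script tag", r"(\<|%3C).*script.*(\>|%3E)", re.IGNORECASE),
    ("GLOBALS", r"GLOBALS(=|\[|\%[0-9A-Z]{0,2})", 0),
    ("_REQUEST", r"_REQUEST(=|\[|\%[0-9A-Z]{0,2})", 0),
]
COMPILED = [(label, re.compile(pattern, flags)) for label, pattern, flags in RULES]


def matched_rules(query_string):
    """Return the labels of every condition the raw query string matches.

    %{QUERY_STRING} is not URL-decoded by Apache, so pass the string exactly
    as it appears after the "?" in the request line.
    """
    return [label for label, rx in COMPILED if rx.search(query_string)]


def is_blocked(query_string):
    """True if the rule set would answer this request with 403 Forbidden."""
    return bool(matched_rules(query_string))


# Constructed sample query strings (not taken from real traffic).
SAMPLES = [
    "option=com_content&view=article&id=7",   # normal Joomla page request
    "mosConfig_absolute_path=x",
    "q=%3CSCRIPT%3Ex%3C/SCRIPT%3E",
    "GLOBALS[foo]=1",
    "search=_REQUEST%20variable",             # benign search, still blocked
]

if __name__ == "__main__":
    for qs in SAMPLES:
        hits = matched_rules(qs)
        print(f"{'BLOCK' if hits else 'allow'}  {qs}  {hits}")
```

Run it with query strings taken from your own access log to find legitimate requests that would start returning 403.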
