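# Follow symlinks (mod_rewrite needs this) and turn directory listings off.
# Options are given with +/- only: "Options All -Indexes" mixes a bare keyword
# with a signed one, which Apache 2.4 rejects, and "All" would also switch on
# ExecCGI and Includes for the whole tree.
Options +FollowSymLinks -Indexes

RewriteEngine On

# Force HTTPS with a permanent redirect. The target host is copied from the
# request's Host header; if this vhost also answers for unknown host names,
# replace %{HTTP_HOST} with the site's canonical name.
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# "Anasayfa" (home page) alias, used only when no real file or directory has
# that name. The two conditions apply to this rule alone.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^Anasayfa$ index.php [L]

# Both sitemap URLs are produced by the same script (dot escaped so that only
# the literal file names match).
RewriteRule ^sitemap\.(html|xml)$ sitemap.php [L]

# Site maintenance-mode and banned-member landing URLs.
RewriteRule ^Gecici-olarak-hizmet-disi.*$ back/Kapali/index.php [L,QSA]
RewriteRule ^Uyeliginiz-Yasaklandi.*$ back/error/userbanned.php [L,QSA]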
# Compress text-like responses on the fly (mod_deflate).
# NOTE(review): text/html is included; if pages echo request data next to
# secrets such as CSRF tokens, check the application against BREACH-style
# compression side channels.
<IfModule mod_deflate.c>
    # Scripts, feeds and XML
    AddOutputFilterByType DEFLATE application/javascript application/x-javascript text/javascript
    AddOutputFilterByType DEFLATE application/rss+xml application/xhtml+xml application/xml text/xml

    # Markup, styles and plain text
    AddOutputFilterByType DEFLATE text/html text/css text/plain

    # Fonts
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject application/x-font application/x-font-opentype
    AddOutputFilterByType DEFLATE application/x-font-otf application/x-font-truetype application/x-font-ttf
    AddOutputFilterByType DEFLATE font/opentype font/otf font/ttf font/woff font/woff2

    # Images
    AddOutputFilterByType DEFLATE image/svg+xml image/x-icon image/webp

    # Workarounds for old browsers with broken gzip handling
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>
# Content types for web fonts and SVG, keyed by file extension.
# The later "MIME TYPES" block in this file maps otf, woff, ttf, eot and svg
# again; woff2 is mapped only here.
<IfModule mod_mime.c>
    AddType font/opentype                 otf
    AddType application/font-woff         woff
    AddType application/font-woff2        woff2
    AddType application/x-font-ttf        ttf
    AddType application/vnd.ms-fontobject eot
    AddType image/svg+xml                 svg
</IfModule>
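# Legacy compression settings for mod_gzip (an Apache 1.3-era module). The
# IfModule guard skips the whole section wherever mod_gzip is not loaded, which
# leaves compression to mod_deflate.
# The ".*" wildcards are restored: the pasted patterns ended in "/" where the
# wildcard belongs (e.g. "^text//"), so they could not match a real MIME type
# or header. Assumed from the pattern shapes; compare with your own copy.
<IfModule mod_gzip.c>
    mod_gzip_on Yes
    mod_gzip_dechunk Yes
    mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
    mod_gzip_item_include mime ^application/x-javascript.*
    mod_gzip_item_include mime ^text/.*
    # Never compress a response that is already gzip-encoded, nor images.
    mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
    mod_gzip_item_exclude mime ^image/.*
    mod_gzip_item_include handler ^cgi-script$
</IfModule>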
# Browser-cache lifetimes per content type (mod_expires).
# NOTE(review): HTML is cacheable for 10 minutes; if logged-in pages are served
# as text/html, confirm the application sends its own no-store/private
# Cache-Control for them.
<IfModule mod_expires.c>
    ExpiresActive On

    # Anything not listed below expires almost immediately.
    ExpiresDefault "access plus 1 seconds"

    # Documents: short lifetime
    ExpiresByType text/html "access plus 10 minutes"
    ExpiresByType application/xhtml+xml "access plus 10 minutes"

    # Styles and scripts: one year
    ExpiresByType text/css "access plus 1 years"
    ExpiresByType text/javascript "access plus 1 years"
    ExpiresByType application/javascript "access plus 1 years"
    ExpiresByType application/x-javascript "access plus 1 years"

    # Fonts: one year
    ExpiresByType application/vnd.ms-fontobject "access plus 1 years"
    ExpiresByType application/x-woff "access plus 1 years"
    ExpiresByType application/x-woff2 "access plus 1 years"
    ExpiresByType font/otf "access plus 1 years"
    ExpiresByType font/ttf "access plus 1 years"

    # Images: one year
    ExpiresByType image/gif "access plus 1 years"
    ExpiresByType image/jpeg "access plus 1 years"
    ExpiresByType image/png "access plus 1 years"
    ExpiresByType image/webp "access plus 1 years"
    ExpiresByType image/svg+xml "access plus 1 years"
    ExpiresByType image/x-icon "access plus 1 years"

    # Flash and video: one year
    ExpiresByType application/x-shockwave-flash "access plus 1 years"
    ExpiresByType video/x-flv "access plus 1 years"
</IfModule>
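# Security response headers, static-asset caching and pre-compressed CSS/JS.
# "always" is used for the security headers so they are also attached to
# redirects and error responses, not only to successful ones.
<IfModule mod_headers.c>
    # Cross-origin isolation. "cross-origin" is a valid value only for
    # Cross-Origin-Resource-Policy; browsers ignore it on the Embedder and
    # Opener policies, so the valid value with the same effect (unsafe-none)
    # is spelled out. Tighten COOP to same-origin-allow-popups or same-origin
    # once the site's pop-up flows have been checked.
    Header always set Cross-Origin-Embedder-Policy "unsafe-none"
    Header always set Cross-Origin-Opener-Policy "unsafe-none"
    Header always set Cross-Origin-Resource-Policy "cross-origin"

    # Legacy header: current browsers no longer ship the XSS auditor it
    # controls. The Content-Security-Policy below is the effective control.
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-Content-Type-Options "nosniff"
    Header always set Referrer-Policy "same-origin"

    # HSTS. includeSubDomains plus preload commits every subdomain to HTTPS
    # and is slow to undo once the domain is on a preload list.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

    # Expect-CT is obsolete in current browsers; kept for older clients.
    Header always set Expect-CT 'enforce, max-age=2592000, report-uri="https://ajans.softyrapps.com/report"'

    # One Content-Security-Policy header holding every directive. Three
    # separate "Header set" lines overwrite one another, so only the last
    # (style-src) was ever sent and default-src/script-src were lost.
    # With default-src 'none' actually delivered, img-src, font-src,
    # connect-src and frame-src fall back to 'none': add a directive for each
    # resource type the site loads, and trial the policy with
    # Content-Security-Policy-Report-Only before enforcing it.
    # 'unsafe-inline' in style-src still permits injected inline styles.
    Header always set Content-Security-Policy "default-src 'none'; script-src 'self' https://wa.me/ https://cdn.tiny.cloud/ https://www.google-analytics.com https://ajax.googleapis.com https://www.ajans.softyrapps.com/ https://www.google.com/recaptcha/ https://googleads.g.doubleclick.net/ https://static.doubleclick.net/ https://cdn.onesignal.com/sdks/ https://onesignal.com/sdks/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://wa.me/ https://cdn.tiny.cloud/ https://www.ajans.softyrapps.com https://ajans.softyrapps.com https://fonts.googleapis.com https://cdnjs.cloudflare.com/ https://www.google.com/recaptcha/ https://fonts.gstatic.com/ https://cdn.onesignal.com/sdks/ https://onesignal.com/sdks/"

    # The value contains spaces and double quotes, so it must be one quoted
    # argument; unquoted, Apache splits it into several arguments.
    # geolocation=* grants the feature to every embedded origin; narrow it to
    # (self) unless third-party frames need it.
    Header always set Permissions-Policy 'fullscreen=(self "https://ajans.softyrapps.com"), geolocation=*, camera=()'

    # Static assets: cacheable by browsers and shared caches for one year.
    <FilesMatch "\.(ico|jpeg|jpg|png|gif|swf|css|js|ttf|otf|eot|woff|woff2|svg)$">
        Header set Cache-Control "max-age=31536000, public"
    </FilesMatch>

    # Serve a pre-compressed foo.css.gz / foo.js.gz when the client accepts
    # gzip and the .gz file exists and is non-empty. "(.*)" is restored in the
    # patterns: "^(/)\.css" can never match in .htaccess context, where the
    # leading slash is stripped before matching.
    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
    RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA]

    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
    RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA]

    # Send the right content type and stop mod_deflate compressing twice.
    RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1]
    RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]

    # Without Content-Encoding the browser would receive raw gzip bytes
    # labelled as CSS/JS; Vary keeps caches from mixing the two variants.
    <FilesMatch "(\.js\.gz|\.css\.gz)$">
        Header append Content-Encoding gzip
        Header append Vary Accept-Encoding
    </FilesMatch>
</IfModule>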
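# MIME TYPES
# Extension-to-content-type map. Correct types matter here because the site
# also sends "X-Content-Type-Options: nosniff", which makes browsers refuse
# scripts and styles served with the wrong type.
<IfModule mod_mime.c>
    # DEFAULTS
    DefaultLanguage tr
    AddLanguage tr-TR .html .css .js
    AddCharset utf-8 .html .css .js .xml .json .rss .atom

    # JAVASCRIPT
    AddType application/javascript js jsonp
    AddType application/json json

    # FONTS
    AddType font/opentype otf
    AddType application/font-woff woff
    # Same extension as the line above; the two woff mappings conflict.
    AddType application/x-font-woff woff
    AddType application/vnd.ms-fontobject eot
    AddType application/x-font-ttf ttc ttf
    AddType image/svg+xml svg svgz
    AddEncoding gzip svgz

    # AUDIO
    AddType audio/mp4 m4a f4a f4b
    AddType audio/ogg oga ogg

    # VIDEO
    AddType video/mp4 mp4 m4v f4v f4p
    AddType video/ogg ogv
    AddType video/webm webm
    AddType video/x-flv flv

    # OTHERS
    AddType application/octet-stream safariextz
    AddType application/x-chrome-extension crx
    AddType application/x-opera-extension oex
    AddType application/x-shockwave-flash swf
    AddType application/x-web-app-manifest+json webapp
    AddType application/x-xpinstall xpi
    AddType application/xml atom rdf rss xml
    # ".xltm" was written ". xltm", which registered a bare "." and "xltm" as
    # two separate extensions.
    AddType application/vnd.openxmlformats .docx .pptx .xlsx .xltx .xltm .dotx .potx .ppsx
    AddType text/cache-manifest appcache manifest
    AddType text/vtt vtt
    AddType text/x-component htc
    AddType text/x-vcard vcf
    AddType image/webp webp
    AddType image/x-icon ico
</IfModule>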
# Custom error pages: 404, 403 and 500 responses are rendered by the site's own
# PHP scripts instead of Apache's built-in pages.
# NOTE(review): these are PHP scripts; confirm they do not echo the requested
# URL or other request data without escaping.
ErrorDocument 404 /back/error/404.php
ErrorDocument 403 /back/error/403.php
ErrorDocument 500 /back/error/500.php
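# Block PHP web-shell traffic: requests whose path looks like a well-known
# shell file name, or whose query string matches parameters such shells use.
#
# One directive per line, closed by its own RewriteRule. Apache rejects a line
# that holds several RewriteCond directives, and in .htaccess that turns every
# request into a 500; a condition chain with no rule after it blocks nothing.
# ".*" is restored where the pasted text shows "/" in its place (assumed from
# the pattern shapes; compare with your own copy).
#
# Precedence as written: (path match OR method is GET/POST) AND (any of the
# query-string patterns). The method test is almost always true, so the
# query-string patterns decide the outcome.
#
# This is a coarse denylist with false positives (a search for "more", or a
# page parameter containing "system", is refused) and it is not a substitute
# for keeping uploaded files from executing and monitoring file integrity.
RewriteCond %{REQUEST_URI} /((php|my)?shell|remview.*|phpremoteview.*|sshphp.*|pcom|nstview.*|c99|r57|webadmin.*|phpget.*|phpwriter.*|fileditor.*|locus7.*|storm7.*)\.(p?s?x?htm?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]
RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
RewriteCond %{QUERY_STRING} ^(.*)=/home(.+)?/loginftp/(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^work_dir=.*$ [OR]
RewriteCond %{QUERY_STRING} ^command=.*&output.*$ [OR]
RewriteCond %{QUERY_STRING} ^nts_[a-z0-9_]{0,10}=.*$ [OR]
# Be careful with the next rule: it refuses any query string containing
# "cmd=" and can stop the site from working if the application uses it.
RewriteCond %{QUERY_STRING} ^(.*)cmd=.*$ [OR]
RewriteCond %{QUERY_STRING} ^c=(t|setup|codes)$ [OR]
RewriteCond %{QUERY_STRING} ^act=((about|cmd|selfremove|chbd|trojan|backc|massbrowsersploit|exploits|grablogins|upload.*)|((chmod|f)&f=.*))$ [OR]
RewriteCond %{QUERY_STRING} ^act=(ls|search|fsbuff|encoder|tools|processes|ftpquickbrute|security|sql|eval|update|feedback|cmd|gofile|mkfile)&d=.*$ [OR]
RewriteCond %{QUERY_STRING} ^&?c=(l?v?i?&d=|v&fnot=|setup&ref=|l&r=|d&d=|tree&d|t&d=|e&d=|i&d=|codes|md5crack).*$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)([-_a-z]{1,15})=(ls|cd|cat|rm|mv|vim|chmod|chdir|mkdir|rmdir|pwd|clear|whoami|uname|tar|zip|unzip|tar|gzip|gunzip|grep|more|ln|umask|telnet|ssh|ftp|head|tail|which|mkmode|touch|logname|edit_file|search_text|find_text|php_eval|download_file|ftp_file_down|ftp_file_up|ftp_brute|mail_file|mysql|mysql_dump|db_query)([^a-zA-Z0-9].+)*$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|exec|popen|proc_open)(.*)$
RewriteRule ^ - [F,L]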
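# Block malicious spiders: refuse requests whose User-Agent is empty, looks
# randomly generated, or names a known scraper or download tool.
#
# The pasted chain ended in a cut-off "RewriteCond %{HTTP_USER_AGENT} ^", which
# matches every User-Agent and, OR-ed with the rest, would refuse all traffic.
# It is dropped, each directive is on its own line, and the chain is closed by
# its own RewriteRule.
#
# User-Agent is chosen by the client, so this filters careless automation only
# and also refuses legitimate tools that match (e.g. anything containing
# "python" or "Download"). Rate limiting belongs at the server or WAF level.
RewriteCond %{HTTP_USER_AGENT} ^-?$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^[bcdfghjklmnpqrstvwxz\ ]{8,}|^[0-9a-z]{15,}|^[0-9A-Za-z]{19,} [OR]
RewriteCond %{HTTP_USER_AGENT} Extractor|almaden|anonymous|autoemailspider|blogsearchbot-martin|CherryPicker|Digger|DirectUpdate|Download\ Accelerator|echo\ extense|Collector|EmailWolf|flashget|frontpage|Go!Zilla|grub\ crawler|HTTPConnect|httplib|HttpProxy|HTTP\ agent|HTTrack|Indy\ Library|Jakarta\ Commons|libWeb|libwww|Microsoft\ Data|Microsoft\ URL|MJ12bot|Movable\ Type|NICErsPRO|NutchCVS|Nutscrape/|OmniExplorer|psycheclone|PussyCat|PycURL|python|QuepasaCreep|SiteMapper|Download|sucker|SurveyBot|Teleport\ Pro|Telesoft|TrackBack|Turing|TurnitinBot|vobsub|webbandit|WebCapture|webcollage|WebCopier|WebDAV|WebEmailExtractor|WebReaper|WEBsaver|WebStripper|WebZIP|widows|Wysigot|Zeus|Zeus/Webster [NC]
# Files that even the refused clients may still fetch.
RewriteCond %{REQUEST_URI} !^/robots\.txt
RewriteCond %{REQUEST_URI} !^/sitemap\.xml
RewriteRule ^ - [F,L]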
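# Request filter aimed at SQL injection and scripted probing: refuses unusual
# methods, markup or control characters in Referer, User-Agent, Cookie and
# query string, tool-like User-Agents, and SQL keywords in the query string.
#
# Repairs to the pasted text, which Apache cannot parse as it stands:
#  - one directive per line;
#  - ".*" restored where "/" stands in its place;
#  - typographic quotes and the repeated "<" ">" read as ' %27 %3C %3E
#    (assumed from the pattern shape; compare with your own copy);
#  - spaces inside "email| harvest", "delete |drop" and "upda te" removed
#    (a space ends the pattern argument);
#  - "127\\.0\\.0\\.1" reduced to single backslashes;
#  - the empty first alternative "(|order|..." removed: it matched any two
#    adjacent non-letters, i.e. nearly every query string containing "=1";
#  - "met*" replaced by "meta" (assumed intent; "met*" cannot match "meta").
#
# Limits: the rules never see POST bodies, and keyword matching refuses
# legitimate parameters such as "?set=1". The defence against SQL injection is
# parameterised queries in the application; treat this as noise reduction.
# HEAD is refused too, which breaks uptime checks and link validators that use
# it; remove it from the list if those matter.
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*(,|;|<|>|/{2,999}).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(libwww|curl|wget|python|scan).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{QUERY_STRING} [^a-z](order|union|declare|char|set|cast|convert|delete|drop|exec|insert|meta|script|select|truncate|update)[^a-z] [NC]
RewriteRule ^ - [F,L]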
# Remove the server signature: hides the version footer Apache adds to its own
# generated pages (error pages, listings).
# This does not change the "Server" response header; that is controlled by
# ServerTokens, which can only be set in the main server configuration.
ServerSignature Off
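# Deny web access to this .htaccess file itself.
# "Order/Deny" is Apache 2.2 syntax and fails with a 500 on 2.4 unless
# mod_access_compat is loaded, so the 2.4 form is used when mod_authz_core is
# present and the old form is kept as the fallback.
<Files ".htaccess">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
</Files>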