[SOLVED] Search Friendly URLs
Posted: Sun Oct 24, 2010 5:46 pm
I read notes on configuring the .htaccess files and it includes notes on URL filtering.
it says;
but when i check my .htaccess file included under "doc", there are no URL filtering rules in that file.
I'm using CMS Made Simple 1.8.2 "Toliara". Are these filtering rules no longer applicable to this version, or should i add them in? and are the rules that are shown correct for this version?
it says;
then the following filtering code is shown down the page as part of the full code in the .htaccess fileURL Filtering Using .htaccess You can increase the security of your site and stop many hacking attempts by inserting a few lines into your .htaccess file. These rules reject http requests containing characters commonly used by exploits, but will not affect the normal operation of CMS Made Simple.
http://wiki.cmsmadesimple.org/index.php ... l_Settings
Code: Select all
# URL Filtering helps stop some hack attempts
#IF the URI contains a "http:"
RewriteCond %{QUERY_STRING} http\: [OR]
#OR if the URI contains a "["
RewriteCond %{QUERY_STRING} \[ [OR]
#OR if the URI contains a "]"
RewriteCond %{QUERY_STRING} \] [OR]
#OR if the URI contains a "<__script__>"
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
#OR script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
#OR any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^.*$ - [F,L]
# END Filtering
I'm using CMS Made Simple 1.8.2 "Toliara". Are these filtering rules no longer applicable to this version, or should i add them in? and are the rules that are shown correct for this version?