[email protected] Posted February 2, 2011 Share Posted February 2, 2011 Hey Hello, Please Reply quick its urgent for me and needed. I am getting problem in applying the htaccess protection code for the security purpose. I have downloaded the htaccess Protection plug-in from osCommerce contributions,But while applying that changes to the original .htaccess file I am getting internal server error. Please help as early as possible, Thanks & Regards, Milan Pattani :( Link to comment Share on other sites More sharing options...
multimixer Posted February 2, 2011 Share Posted February 2, 2011 What plugin you downloaded? What changes you do? What error you get? What version you use? My community profile | Template system for osCommerce - New: Responsive | Feedback channel Link to comment Share on other sites More sharing options...
[email protected] Posted February 2, 2011 Author Share Posted February 2, 2011 What plugin you downloaded? What changes you do? What error you get? What version you use? Thanks for the reply, * I have downloaded the htaccess Protection plug in. * from that I have get the code for .htaccess that I have copied that for example: # Deny domain access to spammers and other scumbags RewriteEngine on php_flag register_globals off SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots Deny from env=block_bad_bots * And I get the internal server error something like misconfiguration but if I removed that code its working properly. * I am using osCommerce v2.3.1. Again thanks, Milan Pattani Link to comment Share on other sites More sharing options...
MrPhil Posted February 4, 2011 Share Posted February 4, 2011 php_flag commands (as well as php_value commands) are long obsolete and should not be used. They will cause an Internal Server Error in many servers. Set those kinds of things in your php.ini file. Either that plug-in code is incredibly old, or whoever wrote it is a complete moron. Plus, it appears to only block one particular exploit (the famed libwww-perl hack). There are probably other, more up to date, instructions around for blocking exploits. What you have (once you fix the php_flag) is better than nothing, but don't stop there. Link to comment Share on other sites More sharing options...
[email protected] Posted February 5, 2011 Author Share Posted February 5, 2011 php_flag commands (as well as php_value commands) are long obsolete and should not be used. They will cause an Internal Server Error in many servers. Set those kinds of things in your php.ini file. Either that plug-in code is incredibly old, or whoever wrote it is a complete moron. Plus, it appears to only block one particular exploit (the famed libwww-perl hack). There are probably other, more up to date, instructions around for blocking exploits. What you have (once you fix the php_flag) is better than nothing, but don't stop there. OK thanks a lot dear for helping me and guidelines. Thanks again, Milan Pattani Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.