Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

htaccess Protection


milan@multidots.in

Recommended Posts

Hey Hello,

 

Please Reply quick its urgent for me and needed.

 

I am getting problem in applying the htaccess protection code for the security purpose.

 

I have downloaded the htaccess Protection plug-in from osCommerce contributions,But while applying that changes to the original .htaccess file I am getting internal server error.

 

Please help as early as possible,

 

 

Thanks & Regards,

Milan Pattani

 

:(

Link to comment
Share on other sites

What plugin you downloaded?

What changes you do?

What error you get?

What version you use?

 

Thanks for the reply,

 

* I have downloaded the htaccess Protection plug in.

 

* from that I have get the code for .htaccess that I have copied that for example:

 

# Deny domain access to spammers and other scumbags

 

RewriteEngine on

 

php_flag register_globals off

 

SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots

 

Deny from env=block_bad_bots

 

* And I get the internal server error something like misconfiguration but if I removed that code its working properly.

 

* I am using osCommerce v2.3.1.

 

Again thanks,

Milan Pattani

Link to comment
Share on other sites

php_flag commands (as well as php_value commands) are long obsolete and should not be used. They will cause an Internal Server Error in many servers. Set those kinds of things in your php.ini file. Either that plug-in code is incredibly old, or whoever wrote it is a complete moron. Plus, it appears to only block one particular exploit (the famed libwww-perl hack). There are probably other, more up to date, instructions around for blocking exploits. What you have (once you fix the php_flag) is better than nothing, but don't stop there.

Link to comment
Share on other sites

php_flag commands (as well as php_value commands) are long obsolete and should not be used. They will cause an Internal Server Error in many servers. Set those kinds of things in your php.ini file. Either that plug-in code is incredibly old, or whoever wrote it is a complete moron. Plus, it appears to only block one particular exploit (the famed libwww-perl hack). There are probably other, more up to date, instructions around for blocking exploits. What you have (once you fix the php_flag) is better than nothing, but don't stop there.

 

OK thanks a lot dear for helping me and guidelines.

 

Thanks again,

Milan Pattani

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...