Just nu i M3-nätverket
Gå till innehåll

.htaccess förändras i Joomla


dawwa50

Rekommendera Poster

Hej!

 

Jag felsöker en hemsida där .htaccess hela tiden förändras. Är det någon som har något bra tips på hur man ser till så att den ej förändras? Hemsidan är en joomla-installation. Jag är tacksam för alla tips jag kan få. 

 

Standard brukar vara

##

# @package    Joomla
# @copyright  Copyright © 2005 - 2016 Open Source Matters. All rights reserved.
# @license    GNU General Public License version 2 or later; see LICENSE.txt
##
 
##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that disallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
##
 
## No directory listings
IndexIgnore *
 
## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes
 
## Mod_rewrite in use.
 
RewriteEngine On
 
## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.
 
## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects
 
##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##
 
# RewriteBase /
 
## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.
 
Här kommer den förändrade filen
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule !(js|ico|gif|jpg|png|css|swf|flv|libraries|maint|admin|login|logout|reg) index.php [QSA,L]
</IfModule>
 
 
##
# @package    Joomla
# @copyright  Copyright © 2005 - 2016 Open Source Matters. All rights reserved.
# @license    GNU General Public License version 2 or later; see LICENSE.txt
##
 
##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that disallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
##
 
## No directory listings
IndexIgnore *
 
## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes
 
## Mod_rewrite in use.
 
RewriteEngine On
 
## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.
 
## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects
 
##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##
 
# RewriteBase /
 
## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.
 

 

Länk till kommentar
Dela på andra webbplatser

ChromaWoods

På vilket sätt är det ett problem att .htaccess ändras? Den enda skillnaden är rewrite-regeln som lagts till i början, vilket jag gissar är Joomla själv som gjort. Wordpress gör liknande när man i WP-admin väljer att man vill ha "snygga" URL:ar. .htaccess hanterar bl.a. detta.

Länk till kommentar
Dela på andra webbplatser

På vilket sätt är det ett problem att .htaccess ändras? Den enda skillnaden är rewrite-regeln som lagts till i början, vilket jag gissar är Joomla själv som gjort. Wordpress gör liknande när man i WP-admin väljer att man vill ha "snygga" URL:ar. .htaccess hanterar bl.a. detta.

Det som händer är att vissa ikoner på hemsidan inte visas som de ska. Bl.a. bilder som används när man ska logga in, men nu tror jag inte längre att .htaccess ändras, men det är php-filer som tar sig in på något sätt. Senast var det en i administrator/components/com_jhackguard/controllers/sql95.php som lagts till. Jag har därför ändrat i jhackguard och min förhoppning är att den ska förhindra att det sker igen. Disable all file uploads "JA". 

 

Kanske är det någon som har tips på någon bra modul till joomla som stoppar virus. Gärna gratis. 

post-52464-0-74486600-1462575120.jpg

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...