Anzeige .htaccess
Dateiname: .htaccess
# https://lembach-cmsimple.de | 17.09.2022
# Ergänzungen, Antworten, Kommentare und Fehlerbereinigung von Michael (tests-und-tipps.info).
# https://www.drweb.de/htaccess/ Teil 4b: Zugriff von außen auf .htaccess Datei verbieten
# Zugriff auf .htaccess verbieten, falls in Benutzung
# Wenn man an der .htaccess arbeitet und zwischendurch eine neuere Version hochladen will, benennt man die momentan aktuelle gewöhnlich um, indem man .bak dranhängt.
# Gibt es schon eine .htaccess.bak, gibt man der nächsten Version aufsteigende .bak-Nummern. Das wissen auch Hacker und suchen danach. Es gibt in dem Verzeichnis evtl. aber auch
# .ini-Dateien, Logbücher, Ausgelagertes/Zwischengelagertes (.swp wie engl.: swap) und manchmal machen Filesysteme da auch eine Tilde ~ dran.
# )$ ist einfach die abschließende Klammer und das Dollar-Zeichen schließt das Ganze ab.
# Weil solche Befehle in Anführungszeichen geschrieben werden, auch abschließend ein solches.
<FilesMatch "\.(htaccess|htpasswd|bak|bak2|bak3|bak4|bak5|bak6|config|dist|fla|inc|ini|log|phps|psd|sh|sql|swp|~)$">
Require all denied
</FilesMatch>
# --------------------------------------------------------------------------------------------------------------------------------------------
# https://perishablepress.com/7g-firewall-log-blocked-requests/#log - Vorbereiten der Log-Datei
# Um die Protokolldatei vorzubereiten, sollten Sie sicherstellen, dass sie vom Server beschreibbar ist (z. B. ändern Sie die CHMOD-Berechtigungen für die Datei). Dann möchten Sie auch sicherstellen, dass die Datei vor dem Zugriff von außen geschützt ist. Dadurch wird verhindert, dass vertrauliche Informationen öffentlich zugänglich werden. Da wir bereits mit .htaccess arbeiten , hier ein einfacher Codeschnipsel, der unsere Logdatei vor allen Zugriffen von außen schützt:
<IfModule mod_authz_core.c>
<Files ~ "7G_log\.txt">
Require all denied
</Files>
</IfModule>
# ----------------------------------------------------------------------------------------------------------------------------------------------
<IfModule dir_module>
# DirectoryIndex | https://httpd.apache.org/docs/2.4/mod/mod_dir.html#directoryindex
DirectoryIndex disabled
# Only index.php is allowed as index resource
DirectoryIndex index.php
</IfModule>
# Options | https://httpd.apache.org/docs/2.4/de/mod/core.html#options
# Die Direktive Options steuert, welche Eigenschaften bzw. Funktionen in einem bestimmten Verzeichnis verfügbar sind.
# -Indexes verhindert die Verzeichnisauflistung/Navigation
# -Includes verbietet serverseitige Includes
# -MultiViews prevent 404 on non-existing folders | verbietet Zugriff auf nichtexistierende Ordner
# +SymLinksIfOwnerMatch Der Server verfolgt nur symbolische Links, bei denen die Zieldatei oder das Zielverzeichnis zur gleichen Benutzerkennung gehört wie der Link.
#
# Angriffszenario: Jemand auf dem gleichen Webserver kennt die verwendete Datenstruktur und kommt bei geschickter Anwendung an Deine Daten. Aber nicht mit +SymLinksIfOwnerMatch …
# Bitte in Deiner produktiven .htaccess diese Befehle nicht doppelt anwenden. Diese Variante in der nächsten Zeile ist optimal.
Options -Indexes -Includes -MultiViews +SymLinksIfOwnerMatch
# https://httpd.apache.org/docs/2.4/en/mod/core.html#adddefaultcharset
# Diese Direktive gibt einen Standardwert für den Parameter media type charset (den Namen einer Zeichenkodierung) an, der zu einer Antwort hinzugefügt wird,
# wenn der Content-Type der Antwort entweder text/plain oder text/html ist. ...
AddDefaultCharset UTF-8
# Mod Rewrite | https://httpd.apache.org/docs/current/mod/mod_rewrite.html
# mod_rewrite bietet eine flexible und leistungsfähige Möglichkeit, URLs mit einer unbegrenzten Anzahl von Regeln zu manipulieren.
# https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule
# Umschreibe-Regeln werden auf die Ergebnisse früherer Umschreibe-Regeln angewendet, und zwar in der Reihenfolge, in der sie in der Konfigurationsdatei definiert sind.
# Der URL-Pfad oder Dateisystempfad (siehe "Was wird abgeglichen?", oben) wird vollständig durch die Ersetzung abgelöst und der Umschreibprozess wird fortgesetzt,
# bis alle Regeln angewendet wurden, oder er explizit durch ein L-Flag oder ein anderes Flag, das eine sofortige Beendigung impliziert, wie END oder F, beendet wird.
# Wird das F-Flag gesetzt (403 forbiden) ist das zusätzliche Setzen des L-Flags unnötig.
# Für F und G gilt: diese Flags schließen/beenden von sich aus schon die Regel, da braucht man nicht extra noch ein L anhängen!
# Aber das machen auch viele Profis seit Jahren falsch. Es schadet nicht, daher hat sich keiner die Mühe gemacht, den Text von Apache richtig zu lesen.
# L - Beendet den Rewriting-Prozess sofort und wendet keine weiteren Regeln mehr an.
# Beachte insbesondere die Vorbehalte für den Kontext von Verzeichnissen und .htaccess (siehe auch das END-Flag). https://httpd.apache.org/docs/current/rewrite/flags.html#flag_l
# F - Die Verwendung des Flags [F] bewirkt, dass der Server den Statuscode 403 Forbidden an den Client zurückgibt.
# Während das gleiche Verhalten mit der DenyDirektive erreicht werden kann, ermöglicht dies mehr Flexibilität beim Zuweisen eines Forbidden-Status.
# https://httpd.apache.org/docs/current/rewrite/flags.html#flag_f
# https://www.drweb.de/htaccess/ Teil 3: ALLGEMEINE SICHERHEITSEINSTELLUNGEN
# Jeff Starr von Perishable Press – feilt bereits seit Jahren an seiner Blockliste für die .htaccess. https://perishablepress.com/7g-firewall/#download
# Genau dieser Profi macht das auch seit Jahren falsch!
# Man muss ein paar Zeilen darin auskommentieren, damit man als CMSimple-Admin weiterhin Zugriff auf seine Bilder hat.
#
<IfModule mod_rewrite.c>
# 7G FIREWALL v1.5 20211103 @ https://perishablepress.com/7g-firewall/
# 7G:[CORE]
RewriteEngine On
RewriteBase /
# 7G:[QUERY STRING]
# Codes für den Slash %2F blockieren File-Manager! Deshalb durch einfügen von # deaktiviert.
# man kann auch das Logbuch weglassen, das ist nur am Anfang wichtig, wenn man beobachten möchte, ob die Firewall gut läuft bzw. wirklich etwas bewirkt (ja, die ist großartig!).
RewriteCond %{REQUEST_URI} !(7g_log.php) [NC]
RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR]
# RewriteCond %{QUERY_STRING} (/|%2f)(:|%3a)(/|%2f) [NC,OR]
RewriteCond %{QUERY_STRING} (order(\s|%20)by(\s|%20)1--) [NC,OR]
# RewriteCond %{QUERY_STRING} (/|%2f)(\*|%2a)(\*|%2a)(/|%2f) [NC,OR]
RewriteCond %{QUERY_STRING} (`|<|>|\^|\|\\|0x00|%00|%0d%0a) [NC,OR]
RewriteCond %{QUERY_STRING} (ckfinder|fck|fckeditor|fullclick) [NC,OR]
RewriteCond %{QUERY_STRING} ((.*)header:|(.*)set-cookie:(.*)=) [NC,OR]
RewriteCond %{QUERY_STRING} (cmd|command)(=|%3d)(chdir|mkdir)(.*)(x20) [NC,OR]
RewriteCond %{QUERY_STRING} (globals|mosconfig([a-z_]{1,22})|request)(=|\[) [NC,OR]
# RewriteCond %{QUERY_STRING} (/|%2f)((wp-)?config)((\.|%2e)inc)?((\.|%2e)php) [NC,OR]
RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumbs?)?)((\.|%2e)php) [NC,OR]
RewriteCond %{QUERY_STRING} (absolute_|base|root_)(dir|path)(=|%3d)(ftp|https?) [NC,OR]
RewriteCond %{QUERY_STRING} (localhost|loopback|127(\.|%2e)0(\.|%2e)0(\.|%2e)1) [NC,OR]
# RewriteCond %{QUERY_STRING} (s)?(ftp|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR]
RewriteCond %{QUERY_STRING} (\.|20)(get|the)(_|%5f)(permalink|posts_page_url)(\(|%28) [NC,OR]
# RewriteCond %{QUERY_STRING} ((boot|win)((\.|%2e)ini)|etc(/|%2f)passwd|self(/|%2f)environ) [NC,OR]
# RewriteCond %{QUERY_STRING} (((/|%2f){3,3})|((\.|%2e){3,3})|((\.|%2e){2,2})(/|%2f|%u2215)) [NC,OR]
RewriteCond %{QUERY_STRING} (benchmark|char|exec|fopen|function|html)(.*)(\(|%28)(.*)(\)|%29) [NC,OR]
RewriteCond %{QUERY_STRING} (php)([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) [NC,OR]
RewriteCond %{QUERY_STRING} (e|%65|%45)(v|%76|%56)(a|%61|%31)(l|%6c|%4c)(.*)(\(|%28)(.*)(\)|%29) [NC,OR]
# RewriteCond %{QUERY_STRING} (/|%2f)(=|%3d|$&|_mm|cgi(\.|-)|inurl(:|%3a)(/|%2f)|(mod|path)(=|%3d)(\.|%2e)) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(e|%65|%45)(m|%6d|%4d)(b|%62|%42)(e|%65|%45)(d|%64|%44)(.*)(>|%3e) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(i|%69|%49)(f|%66|%46)(r|%72|%52)(a|%61|%41)(m|%6d|%4d)(e|%65|%45)(.*)(>|%3e) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(o|%4f|%6f)(b|%62|%42)(j|%4a|%6a)(e|%65|%45)(c|%63|%43)(t|%74|%54)(.*)(>|%3e) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3c)(.*)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(.*)(>|%3e) [NC,OR]
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(d|%64|%44)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR]
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(i|%69|%49)(n|%6e|%4e)(s|%73|%53)(e|%65|%45)(r|%72|%52)(t|%74|%54)(\+|%2b|%20) [NC,OR]
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(s|%73|%53)(e|%65|%45)(l|%6c|%4c)(e|%65|%45)(c|%63|%43)(t|%74|%54)(\+|%2b|%20) [NC,OR]
RewriteCond %{QUERY_STRING} (\+|%2b|%20)(u|%75|%55)(p|%70|%50)(d|%64|%44)(a|%61|%41)(t|%74|%54)(e|%65|%45)(\+|%2b|%20) [NC,OR]
RewriteCond %{QUERY_STRING} (\\x00|(\"|%22|\'|%27)?0(\"|%22|\'|%27)?(=|%3d)(\"|%22|\'|%27)?0|cast(\(|%28)0x|or%201(=|%3d)1) [NC,OR]
RewriteCond %{QUERY_STRING} (g|%67|%47)(l|%6c|%4c)(o|%6f|%4f)(b|%62|%42)(a|%61|%41)(l|%6c|%4c)(s|%73|%53)(=|\[|%[0-9A-Z]{0,2}) [NC,OR]
RewriteCond %{QUERY_STRING} (_|%5f)(r|%72|%52)(e|%65|%45)(q|%71|%51)(u|%75|%55)(e|%65|%45)(s|%73|%53)(t|%74|%54)(=|\[|%[0-9A-Z]{2,}) [NC,OR]
RewriteCond %{QUERY_STRING} (j|%6a|%4a)(a|%61|%41)(v|%76|%56)(a|%61|%31)(s|%73|%53)(c|%63|%43)(r|%72|%52)(i|%69|%49)(p|%70|%50)(t|%74|%54)(:|%3a)(.*)(;|%3b|\)|%29) [NC,OR]
RewriteCond %{QUERY_STRING} (b|%62|%42)(a|%61|%41)(s|%73|%53)(e|%65|%45)(6|%36)(4|%34)(_|%5f)(e|%65|%45|d|%64|%44)(e|%65|%45|n|%6e|%4e)(c|%63|%43)(o|%6f|%4f)(d|%64|%44)(e|%65|%45)(.*)(\()(.*)(\)) [NC,OR]
RewriteCond %{QUERY_STRING} (@copy|\$_(files|get|post)|allow_url_(fopen|include)|auto_prepend_file|blexbot|browsersploit|(c99|php)shell|curl(_exec|test)|disable_functions?|document_root|elastix|encodeuricom|exploit|fclose|fgets|file_put_contents|fputs|fsbuff|fsockopen|gethostbyname|grablogin|hmei7|input_file|null|open_basedir|outfile|passthru|phpinfo|popen|proc_open|quickbrute|remoteview|root_path|safe_mode|shell_exec|site((.){0,2})copier|sux0r|trojan|user_func_array|wget|xertive) [NC,OR]
RewriteCond %{QUERY_STRING} (;|<|>|\'|\"|\)|%0a|%0d|%22|%27|%3c|%3e|%00)(.*)(/\*|alter|base64|benchmark|cast|concat|convert|create|encode|declare|delete|drop|insert|md5|request|script|select|set|union|update) [NC,OR]
RewriteCond %{QUERY_STRING} ((\+|%2b)(concat|delete|get|select|union)(\+|%2b)) [NC,OR]
RewriteCond %{QUERY_STRING} (union)(.*)(select)(.*)(\(|%28) [NC,OR]
RewriteCond %{QUERY_STRING} (concat|eval)(.*)(\(|%28) [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
# 7G:[REQUEST URI] Codes für den Slash %2F blockieren File-Manager! Deshalb durch einfügen von # deaktiviert.
RewriteCond %{REQUEST_URI} (\^|`|<|>|\\|\|) [NC,OR]
RewriteCond %{REQUEST_URI} ([a-z0-9]{2000,}) [NC,OR]
RewriteCond %{REQUEST_URI} (=?\\(\'|%27)/?)(\.) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(\*|\"|\'|\.|,|&|&?)/?$ [NC,OR]
RewriteCond %{REQUEST_URI} (\.)(php)(\()?([0-9]+)(\))?(/)?$ [NC,OR]
RewriteCond %{REQUEST_URI} (/)(vbulletin|boards|vbforum)(/)? [NC,OR]
RewriteCond %{REQUEST_URI} /((.*)header:|(.*)set-cookie:(.*)=) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(ckfinder|fck|fckeditor|fullclick) [NC,OR]
RewriteCond %{REQUEST_URI} (\.(s?ftp-?)config|(s?ftp-?)config\.) [NC,OR]
RewriteCond %{REQUEST_URI} (\{0\}|\"?0\"?=\"?0|\(/\(|\.\.\.|\+\+\+|\\\") [NC,OR]
RewriteCond %{REQUEST_URI} (thumbs?(_editor|open)?|tim(thumbs?)?)(\.php) [NC,OR]
RewriteCond %{REQUEST_URI} (\.|20)(get|the)(_)(permalink|posts_page_url)(\() [NC,OR]
RewriteCond %{REQUEST_URI} (///|\?\?|/&&|/\*(.*)\*/|/:/|\\\\|0x00|%00|%0d%0a) [NC,OR]
RewriteCond %{REQUEST_URI} (/%7e)(root|ftp|bin|nobody|named|guest|logs|sshd)(/) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(etc|var)(/)(hidden|secret|shadow|ninja|passwd|tmp)(/)?$ [NC,OR]
# RewriteCond %{REQUEST_URI} (s)?(ftp|http|inurl|php)(s)?(:(/|%2f|%u2215)(/|%2f|%u2215)) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(=|\$&?|&?(pws|rk)=0|_mm|_vti_|cgi(\.|-)?|(=|/|;|,)nt\.) [NC,OR]
RewriteCond %{REQUEST_URI} (\.)(ds_store|htaccess|htpasswd|init?|mysql-select-db)(/)?$ [NC,OR]
RewriteCond %{REQUEST_URI} (/)(bin)(/)(cc|chmod|chsh|cpp|echo|id|kill|mail|nasm|perl|ping|ps|python|tclsh)(/)?$ [NC,OR]
RewriteCond %{REQUEST_URI} (/)(::[0-9999]|%3a%3a[0-9999]|127\.0\.0\.1|localhost|loopback|makefile|pingserver|wwwroot)(/)? [NC,OR]
RewriteCond %{REQUEST_URI} (\(null\)|\{\$itemURL\}|cAsT\(0x|echo(.*)kae|etc/passwd|eval\(|self/environ|\+union\+all\+select) [NC,OR]
RewriteCond %{REQUEST_URI} (/)?j((\s)+)?a((\s)+)?v((\s)+)?a((\s)+)?s((\s)+)?c((\s)+)?r((\s)+)?i((\s)+)?p((\s)+)?t((\s)+)?(%3a|:) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(awstats|(c99|php|web)shell|document_root|error_log|listinfo|muieblack|remoteview|site((.){0,2})copier|sqlpatch|sux0r) [NC,OR]
RewriteCond %{REQUEST_URI} (/)((php|web)?shell|crossdomain|fileditor|locus7|nstview|php(get|remoteview|writer)|r57|remview|sshphp|storm7|webadmin)(.*)(\.|\() [NC,OR]
RewriteCond %{REQUEST_URI} (/)(author-panel|bitrix|class|database|(db|mysql)-?admin|filemanager|htdocs|httpdocs|https?|mailman|mailto|msoffice|mysql|_?php-my-admin(.*)|tmp|undefined|usage|var|vhosts|webmaster|www)(/) [NC,OR]
RewriteCond %{REQUEST_URI} (base64_(en|de)code|benchmark|child_terminate|curl_exec|e?chr|eval|function|fwrite|(f|p)open|html|leak|passthru|p?fsockopen|phpinfo|posix_(kill|mkfifo|setpgid|setsid|setuid)|proc_(close|get_status|nice|open|terminate)|(shell_)?exec|system)(.*)(\()(.*)(\)) [NC,OR]
RewriteCond %{REQUEST_URI} (/)(^$|00.temp00|0day|3index|3xp|70bex?|admin_events|bkht|(php|web)?shell|c99|config(\.)?bak|curltest|db|dompdf|filenetworks|hmei7|index\.php/index\.php/index|jahat|kcrew|keywordspy|libsoft|marg|mobiquo|mysql|nessus|php-?info|racrew|sql|vuln|(web-?|wp-)?(conf\b|config(uration)?)|xertive)(\.php) [NC,OR]
RewriteCond %{REQUEST_URI} (\.)(7z|ab4|ace|afm|ashx|aspx?|bash|ba?k?|bin|bz2|cfg|cfml?|cgi|conf\b|config|ctl|dat|db|dist|dll|eml|engine|env|et2|exe|fec|fla|git|hg|inc|ini|inv|jsp|log|lqd|make|mbf|mdb|mmw|mny|module|old|one|orig|out|passwd|pdb|phtml|pl|profile|psd|pst|ptdb|pwd|py|qbb|qdf|rar|rdf|save|sdb|sql|sh|soa|svn|swf|swl|swo|swp|stx|tar|tax|tgz|theme|tls|tmd|wow|xtmpl|ya?ml|zlib)$ [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
# 7G:[USER AGENT]
RewriteCond %{HTTP_USER_AGENT} ([a-z0-9]{2000,}) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (<|%0a|%0d|%27|%3c|%3e|%00|0x00) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (ahrefs|alexibot|majestic|mj12bot|rogerbot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ((c99|php|web)shell|remoteview|site((.){0,2})copier) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (econtext|eolasbot|eventures|liebaofast|nominet|oppo\sa33) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (base64_decode|bin/bash|disconnect|eval|lwp-download|unserialize|\\\x22) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (acapbot|acoonbot|asterias|attackbot|backdorbot|becomebot|binlar|blackwidow|blekkobot|blexbot|blowfish|bullseye|bunnys|butterfly|careerbot|casper|checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|cy_cho|datacha|demon|diavol|discobot|dittospyder|dotbot|dotnetdotcom|dumbot|emailcollector|emailsiphon|emailwolf|extract|eyenetie|feedfinder|flaming|flashget|flicky|foobot|g00g1e|getright|gigabot|go-ahead-got|gozilla|grabnet|grafula|harvest|heritrix|httrack|icarus6j|jetbot|jetcar|jikespider|kmccrew|leechftp|libweb|linkextractor|linkscan|linkwalker|loader|masscan|miner|mechanize|morfeus|moveoverbot|netmechanic|netspider|nicerspro|nikto|ninja|nutch|octopus|pagegrabber|planetwork|postrank|proximic|purebot|pycurl|python|queryn|queryseeker|radian6|radiation|realdownload|scooter|seekerspider|semalt|siclab|sindice|sistrix|sitebot|siteexplorer|sitesnagger|skygrid|smartdownload|snoopy|sosospider|spankbot|spbot|sqlmap|stackrambler|stripper|sucker|surftbot|sux0r|suzukacz|suzuran|takeout|teleport|telesoft|true_robots|turingos|turnit|vampire|vikspider|voideye|webleacher|webreaper|webstripper|webvac|webviewer|webwhacker|winhttp|wwwoffle|woxbot|xaldon|xxxyy|yamanalab|yioopbot|youda|zeus|zmeu|zune|zyborg) [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
# 7G:[REMOTE HOST]
RewriteCond %{REMOTE_HOST} (163data|amazonaws|colocrossing|crimea|g00g1e|justhost|kanagawa|loopia|masterhost|onlinehome|poneytel|sprintdatacenter|reverse.softlayer|safenet|ttnet|woodpecker|wowrack) [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
# 7G:[HTTP REFERRER]
RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC,OR]
RewriteCond %{HTTP_REFERER} (order(\s|%20)by(\s|%20)1--) [NC,OR]
RewriteCond %{HTTP_REFERER} (blue\spill|cocaine|ejaculat|erectile|erections|hoodia|huronriveracres|impotence|levitra|libido|lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby|ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo) [NC]
RewriteRule .* - [F]
# 7G:[REQUEST METHOD] DELETE hinzugefügt am 25.04.2022
RewriteCond %{REQUEST_METHOD} ^(CONNECT|DEBUG|DELETE|MOVE|TRACE|TRACK) [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
# 7G Addon: Stop Aggressive Scanning for Uploads-Related Targets | 13.08.2020
# https://perishablepress.com/stop-aggressive-scanning-uploads/
# modifiziert: „cms” entfernt: 24.07.2021
RewriteCond %{REQUEST_URI} /php(unit)?/ [NC,OR]
RewriteCond %{REQUEST_URI} \.(aspx?|env|git(ignore)?|phtml|rar|well-known) [NC,OR]
RewriteCond %{REQUEST_URI} /(control_panel|dashboard|home_url=|lr-admin|manager|panel|staff|webadmin) [NC,OR]
RewriteCond %{REQUEST_URI} /(adm(in)?|blog|cache|checkout|controlpanel|ecommerce|export|magento(-1|web)?|market(place)?|mg|onli(n|k)e|orders?|shop|tmplconnector|uxm|web?store)/ [NC,OR]
RewriteCond %{REQUEST_URI} (_timthumb_|timthumb.php) [NC,OR]
RewriteCond %{REQUEST_URI} /(install|wp-config|wp-login|xmlrpc)\.php [NC,OR]
RewriteCond %{REQUEST_URI} /(uploadify|uploadbg|up__uzegp)\.php [NC,OR]
RewriteCond %{REQUEST_URI} /(comm\.js|mysql-date-function|simplebootadmin|vuln\.htm|www\.root\.) [NC,OR]
RewriteCond %{REQUEST_URI} /(admin-uploadify|fileupload|jquery-file-upload|upload_file|upload|uploadify|webforms)/ [NC,OR]
RewriteCond %{REQUEST_URI} /(ajax_pluginconf|apikey|connector(.minimal)?|eval-stdin|f0x|login|router|setup-config|sssp|vuln|xattacker)\.php [NC]
RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# RewriteRule .* - [F]
#Block Spam Bots
RewriteCond %{HTTP_USER_AGENT} ^(aesop_com_spiderman|alexibot|backweb|bandit|batchftp|bigfoot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(black.?hole|blackwidow|blowfish|botalot|buddy|builtbottough|bullseye) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(cheesebot|cherrypicker|chinaclaw|collector|copier|copyrightcheck) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(cosmos|crescent|curl|custo|da|diibot|disco|dittospyder|dragonfly) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(drip|easydl|ebingbong|ecatch|eirgrabber|emailcollector|emailsiphon) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(emailwolf|erocrawler|exabot|eyenetie|filehound|flashget|flunky) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(frontpage|getright|getweb|go.?zilla|go-ahead-got-it|gotit|grabnet) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(grafula|harvest|hloader|hmview|httplib|httrack|humanlinks|ilsebot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(infonavirobot|infotekies|intelliseek|interget|iria|jennybot|jetcar) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(joc|justview|jyxobot|kenjin|keyword|larbin|leechftp|lexibot|lftp|libweb) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^web(zip|emaile|enhancer|fetch|go.?is|auto|bandit|clip|copier|master|reaper|sauger|site.?quester|whack) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures).*$ [NC]
# --------------------------------------------------------------------------------------------------------------------------------------------------------------
# könnte hier auch diese Regel eingesetzt werden?
# RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# --------------------------------------------------------------------------------------------------------------------------------------------------------------
RewriteRule . - [F]
# Proxy Firewall | https://htaccessbook.com .htaccess made easy S. 133 | Stand: 09.01.2021
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:FORWARDED-FOR} !^$ [OR]
RewriteCond %{HTTP:X-FORWARDED} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$
RewriteRule .* http://%{REMOTE_ADDR}/ [R=302,L]
# Bad-Bot-Abwehr seit 08.02.2022
RewriteCond %{QUERY_STRING} author=[0-9]{1,2} [NC]
# --------------------------------------------------------------------------------------------------------------------------------------------------------------
# könnte hier auch diese Regel eingesetzt werden?
# RewriteRule .* /7G_log.php?log [END,NE,E=7G_REQUEST_URI:%1___%2___%3]
# --------------------------------------------------------------------------------------------------------------------------------------------------------------
RewriteRule .* - [F]
# Redirect to SSL version
# ACHTUNG: Wenn die Domains kein HTTPS unterstützen müssen die beiden folgenden Zeilen auskommentiert werden!!!
#
# Ein guter Internetdiensteanbieter lässt zu, dass man in den Webserver-SSL-Zertifikateinstellungen sowieso auf https: umleitet.
# Dann können diese beiden Zeilen entfallen!
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}
# https://wp-mix.com/canonical-www-htaccess/ | Drop-in remove www (Method 2) | Hinweis von Michael_G
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule (.*) https://%1/$1 [R=301,L]
# Ultimate Bild-Hotlink Protection | perishablepress.com | seit 21.06.2021 | Stand: 18.09.2022 für Karl Richard!
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.(ico|gif|jpe?g?|png)$ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?lembach-cmsimple\. [NC]
RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?lembach-kr\. [NC]
# ---------------------------------- müssen meine Subdomains hier ebenfalls eingetragen werden ? ------------------------------------------------------------
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteCond %{HTTP_REFERER} !pingdom\. [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
RewriteCond %{HTTP_REFERER} !bing\. [NC]
# --------------- Hat hier nicht die Regel gefehlt ? ---------------------------------------------------------------------------------------------------------
RewriteRule \.(ico|gif|jpe?g?|png)$ - [F,NC]
# --------------- Wenn ich gerne ein "Das Bild sollte von hier geklaut werden"-Bild einfügen möchte, könnte dann die Regel so aussehen:? ---------------------
# RewriteRule \.(ico|gif|jpe?g?|png)$ https://lembach-cmsimple.de/quellenhinweis/krl-software-develepment.png [NC,R,L]
</IfModule>
# https://perishablepress.com/blank-space-whitespace-character-htaccess/
<IfModule mod_alias.c>
RedirectMatch 403 \s
# 404 Fix: Anfragen für nicht existierende Dateien+Ordner blockieren | 25.02.2022
# https://perishablepress.com/block-nuisance-requests
RedirectMatch 403 (?i)/atom.xml
RedirectMatch 403 (?i)/autodiscover/autodiscover.xml
RedirectMatch 403 (?i)/back
RedirectMatch 403 (?i)/backup
RedirectMatch 403 (?i)/misc/ajax.js
RedirectMatch 403 (?i)/plugins/system/debug/debug.xml
RedirectMatch 403 (?i)/security.txt
RedirectMatch 403 (?i)/wlwmanifest.xml
RedirectMatch 403 (?i)\.php\.suspected
</IfModule>
# eigene Fehlerseiten
# ----------------------- Kann man domain.tld durch %{HTTP_HOST} ersetzen und das funktioniert dann unter allen Umständen? ----------------------------------
# Dann könnten nachstehende Umleitungen ohne Umschreibung auch bei anderen Domains eingesetzt werden. -------------------------------------------------------
ErrorDocument 400 https://%{HTTP_HOST}/?400
ErrorDocument 401 https://%{HTTP_HOST}/?401
ErrorDocument 403 https://%{HTTP_HOST}/?403
ErrorDocument 404 https://%{HTTP_HOST}/?404
# ErrorDocument 503 https://%{HTTP_HOST}/?Maintenance-Mode
# Wird nicht gebraucht wenn Plug-in Maintenance_XH bevorzugt wird und dessen HTML-Infoseite akzeptabel angepasst wurde.
# Bandbreite für PHP-fähige Server reservieren (für ältere Versionen Code anpassen):
#<IfModule mod_php5.c>
#<IfModule mod_php6.c>
# ---------------- Bei Manitu läuft die 7er Version, wie sähe das dann aus? --------------------------------------------------------------------------------
# ------------phpinfo.php - Auszug -------------------------------------------------------------------------------------------------------------------------
# zlib
#ZLib Support enabled
#Stream Wrapper compress.zlib://
#Stream Filter zlib.inflate, zlib.deflate
#Compiled Version 1.2.12
#Linked Version 1.2.11
#
#Directive Local Value Master Value
#zlib.output_compression Off Off
#zlib.output_compression_level -1 -1
#zlib.output_handler no value no value
# -----------------------------------------------------------------------------------------------------
#<IfModule mod_php7.c>
# php_value zlib.output_compression 16386
#</IfModule>
<IfModule mod_php8.c>
php_value zlib.output_compression 16386
</IfModule>
# https://httpd.apache.org/docs/current/mod/mod_expires.html
# Cashing für bestimmte Dateien aktivieren
# https://www.drweb.de/htaccess/ Teil1: BROWSER-CACHING AKTIVIEREN
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType audio/ogg "access 2 years"
ExpiresByType image/bmp "access 2 years"
ExpiresByType image/gif "access 2 years"
ExpiresByType image/jpg "access 2 years"
ExpiresByType image/jpeg "access 2 years"
ExpiresByType image/gif "access 2 years"
ExpiresByType image/png "access 2 years"
ExpiresByType image/webm "access 2 years"
ExpiresByType image/svg "access 2 years"
ExpiresByType image/svg+xml "access 2 years"
ExpiresByType image/icon "access 2 years"
ExpiresByType image/x-icon "access 2 years"
ExpiresByType video/mp4 "access 2 years"
ExpiresByType video/ogg "access 2 years"
ExpiresByType video/webm "access 2 years"
ExpiresByType text/html "now plus 0 seconds"
ExpiresByType text/xml "access 1 week"
ExpiresByType text/css "access 1 week"
ExpiresByType text/javascript "now plus 1 year"
ExpiresByType text/cache-manifest "now plus 0 seconds"
ExpiresByType text/x-javascript "access 1 week"
ExpiresByType application/pdf "access 1 month"
ExpiresByType application/atom+xml "now plus 1 hour"
ExpiresByType application/manifest+json "now plus 1 week"
ExpiresByType application/x-web-app-manifest+json "now plus 0 seconds"
ExpiresByType application/rdf+xml "now plus 1 hour"
ExpiresByType application/javascript "now plus 1 year"
ExpiresByType application/x-javascript "now plus 1 year"
ExpiresByType application/rss+xml "now plus 1 hour"
ExpiresByType application/json "now plus 0 seconds"
ExpiresByType application/ld+json "now plus 0 seconds"
ExpiresByType application/schema+json "now plus 0 seconds"
ExpiresByType application/vnd.geo+json "now plus 0 seconds"
ExpiresByType application/xml "now plus 0 seconds"
# Wozu ist x-cross-domain-policy gut?
# Grundsätzliches dazu z. B. hier: https://wao.io/de/glossar/x-permitted-cross-domain-policies/
# Und weil man dafür auch Cache nutzen kann, gibt es dafür diesen Eintrag:
ExpiresByType text/x-cross-domain-policy "now plus 1 week"
</IfModule>
# Zusätzlich auch folgende alternative Festlegung.
# Manchmal ändern Webhoster die Konfirguration, da wäre die Website vielleicht irgendwann völlig ohne Cache, ohne dass man es weiß.
# Der Webserver verwendet übrigens automatisch das Beste Alternative davon.
#
# Alternative caching using Apache's "mod_headers", if it's installed
# Caching of common files – enabled | Gültigkeitsdauer von 2 Jahren?
# Ja, für Bilder empfiehlt auch Google diesen Zeitraum bzw. der Vorschlag kam ursrünglich von Google und die SEO-Spezialisten haben das natürlich übernommen.
<IfModule mod_headers.c>
<FilesMatch "\.(ico|pdf|flv|swf|js|css|gif|png|jpg|jpeg|txt|woff2|woff)$">
Header set Cache-Control "max-age=63072000, public"
</FilesMatch>
# Steuert, wie Dateien mit diesen Endungen behandelt werden sollen
<FilesMatch "\.(js|css|xml|gz|html|woff|woff2|ttf)$">
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
# https://httpd.apache.org/docs/2.4/en/mod/core.html#fileetag
# The FileETag directive configures the file attributes that are used to create the ETag (entity tag) response header field when the document is based on a static file.
# If a document is file-based, no ETag field will be included in the response
# Nicht wirklich verstanden, hier zwei deutschsprachige Websites dazu, gefunden mit DuckDuckGo und Suchbegriff: https://duckduckgo.com/?q=FileETag+Direktive&t=osx&ia=web
# https://de.wikipedia.org/wiki/HTTP_ETag | 2. Mai 2021 um 19:35 Uhr
# https://tcpip.wtf/en/http-etag-nutzen-funktionsweise.htm | 14. Dec. 2009 20:28 CEST
# kurz zusammengefasst: nicht mehr von Nutzen, daher schaltet man es mit diesem Befehl ab (None)
FileETag None
# Ist das folgende mit ETag überflüssig ? Nein! Da dies sonst vom Browser anders entschieden wird, muss es in der .htaccess geregelt werden.
<IfModule mod_headers.c>
Header unset ETag
# Generelle Cache-Gültigkeit von 1 Woche? Es geht um den Zwischenspeicher (Cache) und dabei nicht um den Inhalt (Content), sondern den, welcher für den Header (Kopf) der Seite für die
# Verarbeitung bei Browser und/oder Server wichtig ist. Diese Zahlen sind schon korrekt und können ggf. auch beim Internetdiensteanbieter erfragt oder dessen FAQs nachgelesen werden.
Header set Cache-Control "max-age=604800, public"
# Set Keep Alive Header | Das sorgt dafür, dass der Server durchgehend hört und weiterhin bereit bleibt (sehr bildhaft ausgedrückt).
# Keep-alive ist eine Methode, um mehrere Daten über nur eine tcp Verbindung zwischen Webserver und Webbrowser herunterzuladen.
# Der Server hört nach der Verarbeitung eines Befehls nicht auf und fängt separat mit nächstem Befehl an, sondern macht alles in einem Rutsch.
Header set Connection keep-alive
# Content Security Policy (CSP): für HSTS erforderlich | optimal
# https://www.globalsign.com/de-de/blog/was-ist-hsts-wie-fuehren-sie-es-ein
# Gültigkeitsdauer von 2 Jahren ? | Funktioniert denn das schon jetzt auf einer Website, wenn ein Providerwechsel von anderen Domains zu diesem Provider ansteht?
# Damit noch vorsichtig sein, also besser nur eine Woche oder einen Monat einstellen, sobald ausnahmslos alle eigene Domains mit SSL-Zertifikat versehen wurden.
# Am besten erst, wenn alles beim gleichen Provider an laufen ist.
# Und dann anfangs ohne preload, denn das beantragst Du bei Mozilla, sobald alles solide ist.
# Dann tragen die die Domains in ihre Serverlisten (Mozilla und Google) ein, damit alle Browser wissen, dass diese Websites nur noch https: akzeptieren.
# Funktioniert beim Autor seit Jahren einwandfrei, aber wenn Let´s Encrypt plötzlich weg wäre, wären seine Domains eben auch nicht mehr erreichbar. Reine Theorie, könnte aber passieren.
# Daher sollte jeder für sich selbst entscheiden, ob er dieses Feature nutzen möchte.
# Header always set strict-transport-security "max-age=63072000; includeSubDomains; preload" "expr=%{HTTPS} == 'on'"
# Dadurch wird der Server nicht mehr jedem Angreifer helfen, indem er seine Version nennt (die vielleicht gerade eine Sicherheitslücke hat, nach der ein Angreifer sucht).
Header always unset X-Powered-By
# seit Juni 2021 obsolet, Onlineprüfseiten fragen das aber immer noch ab!
# Wenn man darauf achtet, dass die eigene Website möglichst optimal konfiguriert ist, was Sicherheit angeht, achtet man darauf, auch alle Möglichkeiten abzudecken.
# So bekommt man dann das optimale Rating und weiß, dass man alles richtig gemacht hat. Es nervt einfach, wenn man wegen einer solchen irgendwann bald (oder auch nicht)
# überflüssigen Funkton nicht die Bestnote bekommt. Manche Browser bieten bzw. nutzen Funktionen auch länger, viele Nutzer verwenden alte Browser. Also lieber drinlassen. :-)
#
# Zwei solcher Testwebsites: https://securityheaders.com/?q=tests-und-tipps.info&hide=on&followRedirects=on
# https://observatory.mozilla.org/analyze/tests-und-tipps.info
#
# This prevents that false issued certificates for this website can be used unnoticed (experimental)
# @see https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-02 | Gültigkeitsdauer 1 Tag
Header set Expect-CT "enforce, max-age=86400"
# https://httpd.apache.org/docs/current/mod/mod_deflate.html
# Bandbreiteneinsparung durch Komprimierung
# https://www.drweb.de/htaccess/ TEIL 2: DIE KOMPRIMIERTE AUSLIEFERUNG DER DATEIEN
# Insert filters / compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/x-component
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/js
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-httpd-php
AddOutputFilterByType DEFLATE application/x-httpd-fastphp
AddOutputFilterByType DEFLATE application/atom+xml
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/ld+json
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-web-app-manifest+json
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
# Exception: Images: Bilder (Bildformate, welche bereits selbst Kompression nutzen, werden nicht unnütz erneut angefasst. Bringt nix, kostet nur Rechenleistung).
SetEnvIfNoCase REQUEST_URI \.(?:gif|jpg|jpeg|png|svg)$ no-gzip dont-vary
# Drop problematic browsers
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Make sure Proxies don't deliver the wrong Content
Header append Vary User-Agent env=!dont-vary
</IfModule>
# https://www.drweb.de/htaccess/ TEIL 5. PHP – FEHLERMELDUNGEN UNTERDRÜCKEN
# Achtung: nur dann aktivieren, wenn das CMS absolut störungsfrei läuft und nie wieder daran herumgeschraubt werden soll und der Webhoster das Feature überhaupt unterstützt!
# Dient eben der Härtung gegen Angriffe.
# php_flag display_errors Off
# Default contact email. -->> Wer Spam (riskieren) mag, kann die Auskommentierung entfernen ;-)
# SetEnv SERVER_ADMIN webmaster@domain.tld
# Force download
AddType application/octet-stream .zip .pdf
# https://www.drweb.de/htaccess/ | .htaccess-Tester prüft Rewrite-Regeln auf ihre Richtigkeit -> https://htaccess.madewithlove.com/
# Der Online-Tester kommt nur mit den Rewrite-Regeln klar, daher alles andere aus der .htaccess weglassen, sonst ist die Fehlerliste unüberschaubar.
# IP - Adressen von der Website aussperren (BruteForce-Attacken laut Log-File)
order allow,deny
deny from 141.98.9.24
deny from 141.98.83.248
deny from 2a10:9107:f000::2
allow from all
# https://perishablepress.com/brute-force-login-drip-attack/ 14.08.2020
# https://httpd.apache.org/docs/2.4/howto/access.html
# Access control by host
order allow,deny
deny from 5.18.180.244 5.141.225.38 5.141.237.93 5.164.30.37 5.227.15.122
deny from 31.173.80.98 31.173.85.121 31.211.47.92 37.23.211.200 37.23.216.211 37.72.84.105 37.215.144.42
deny from 46.4.48.68 46.29.196.205 46.216.11.214 62.30.3.139 78.25.120.54 79.174.59.52
deny from 85.140.1.167 86.62.123.82 87.119.51.131 88.2.28.83 88.81.43.213 90.189.35.178 91.90.15.131
deny from 92.38.40.6 92.114.161.163 92.126.85.214 93.77.246.193 93.79.144.241 94.181.214.86 94.243.28.148
deny from 95.29.13.155 95.59.40.245 95.153.135.106 95.153.135.135 95.165.73.229 95.220.40.247 95.224.136.143
deny from 109.194.249.248 114.142.147.149 122.201.85.29 124.100.65.92 128.74.88.248 128.74.136.134 134.19.155.10 142.54.184.181
deny from 159.205.145.187 159.255.68.87 175.2.92.161 176.51.40.125 176.115.120.192 176.124.230.16 178.66.99.168 178.125.132.220
deny from 178.137.160.226 178.210.216.117 180.148.55.35 181.29.110.146 185.6.236.84 187.10.153.237 187.63.45.31 188.235.194.106
deny from 190.122.21.157 192.155.249.114 193.201.224.176 195.22.106.114 195.58.238.91 212.77.146.45 213.167.43.54
deny from 213.251.182.110 217.118.78.115 217.118.90.62
# FB | https://myip.ms/info/bots/ | ab 06.07.2021 | Stand: 30.04.2022
deny from 31.13.97.0/24 31.13.99.0/24 31.13.100.0/24 66.220.144.0/20 69.63.189.0/24 69.63.190.0/24 69.171.224.0/20 69.171.240.0/21 69.171.248.0/24 173.252.64.0/18 173.252.73.0/24 173.252.74.0/24 173.252.77.0/24 173.252.100.0/22 173.252.104.0/21 173.252.112.0/24 2a03:2880:10::/48 2a03:2880:10ff::/48 2a03:2880:11::/48 2a03:2880:11ff::/48 2a03:2880:20::/48 2a03:2880:20ff::/48 2a03:2880:21ff::/48 2a03:2880:30ff::/48 2a03:2880:31ff::/48 2a03:2880:1010::/48 2a03:2880:1020::/48 2a03:2880:2020::/48 2a03:2880:2050::/48 2a03:2880:2040::/48 2a03:2880:2110::/48 2a03:2880:2130::/48 2a03:2880:3010::/48 2a03:2880:3020::/48 2a03:2880:23ff:5::face:b00c 2a03:2880:30ff:c::face:b00c 2003:e3:571d:2c00:cd97:6e78:a890:f0d2
# Bad Bots | ab 14.02.2022 | Stand: 11.09.2022
deny from 2.56.57.0/24 3.144.209.0/24 3.145.204.0/24 13.81.56.0/24 13.89.137.0/24 14.29.240.225 20.98.181.0/24 20.98.182.0/24 20.98.183.0/24 20.106.24.0/24 20.109.241.0/24 37.115.125.205 40.89.246.0/24 40.117.76.0 52.158.167.0/24 52.185.105.0/24 54.37.160.0/24 64.125.238.0/24 78.96.115.0/24 79.120.76.0/24 83.171.248.0/24 87.224.77.0/24 94.31.97.0/24 95.163.255.0/24 104.208.166.251 108.167.189.40 114.119.136.0/21 114.119.144.0/22 114.119.148.0/23 138.199.18.0/24 148.72.232.0/24 157.90.181.0/24 157.90.182.0/24 157.245.213.0/24 162.55.85.0/24 162.243.161.0/24 165.227.110.0/24 167.71.168.0/24 185.83.146.0/24 191.234.203.0/24 208.110.82.0/24
# AppleBot | ab 27.02.2022 | Stand: 04.09.2022
deny from 17.121.112.0/22 17.121.114.0/24
allow from all
# Aktuelle Blacklist: Ich lasse mir vollautomatisch regelmäßig die neuesten IPs von bösen Buben anhängen, damit mein System diese zeitnah aussperrt. :-)
# Wie geht das ?
# Wenn man einen anständigen Webhoster hat, der Cron-Jobs zulässt, dann kann man mttels kleinem PHP-Script und regelmäßigem Aufruf des PHP-Scripts die jeweils neuesten
# Blacklists hier bei diesem Server (https://myip.ms/browse/blacklist) abholen und eintragen lassen.
# Auch den Tipp stand vor Jahren bei Jeff Starr. Dessen Blog ist sehr wertvoll, wenn man Englisch versteht.
# Natürlich kann man diese Funktion auch manuell aufrufen. Einfach die eigene Webadresse mit /blacklist/ oder wie auch immer man die genannt hat aufrufen
# und schon holt das Script die aktuelle Blacklist ab und hängt sie unten an die .htaccess an. :-) | Aber: Bei dieser Praxis muss die .htaccess als Dateiberechtigung 777 haben, sonst:
# Error! Cannot write blacklist ip to file: /home/sites/...../.htaccess in your website root directory. Please change file permissions to 0777 (command: chmod 0777 /home/sites/...../.htaccess)
# ---------------------------------------------------------------------- .htaccess mit Dateiberechtigung 777 ??? Risiko ------------------------------------------------------------------------
# Das genügt auch ohne Cron-Job, wenn man eh fast täglich an der Website bastelt. ;-)
# Deshalb immer eine Leerzeile am Ende der .htaccess drinlassen. Sieht dann besser aus.
# Um spätestens bei einem unerlaubten Zugriff auf den Server die IP-Liste zu aktualisieren kann man das Blacklist-Script via Include aus der 7G_log.php aufrufen lassen.
# Möchte man dann irgendwann mal die Protokollierung deaktivieren muss man nur die Zeile 255 in der 7G_log.php auskommentieren.
# ===================================================== ab hier Blacklist-Einträge ================================================
# IP Blacklist auto added
# on Mon, 19 Sep 2022 10:00:40 +0000 Last 10days Blacklist IPs
###############################################################################
# LIVE BLACKLIST IPv4/IPv6 ADDRESSES DATABASE
# URL: https://myip.ms/browse/blacklist
#
# Myip.ms Blacklist IPs in this List: 521 ip (09 September 2022 - 19 September 2022)
#
deny from 134.209.161.71
deny from 105.71.18.54
deny from 195.154.123.6
deny from 195.154.122.62
deny from 114.119.146.88
deny from 35.235.81.103
deny from 144.76.27.118
deny from 114.119.147.0
deny from 114.119.146.98
deny from 114.119.147.116
deny from 195.158.249.82
deny from 168.119.68.187
deny from 176.67.87.51
deny from 176.67.84.16
deny from 5.154.174.45
deny from 168.119.68.251
deny from 49.204.120.170
deny from 212.200.181.209
deny from 95.163.255.237
deny from 20.216.130.0
deny from 20.87.73.70
deny from 20.87.223.236
deny from 145.40.121.191
deny from 95.163.255.60
deny from 95.163.255.216
deny from 39.53.74.117
deny from 103.26.247.66
deny from 95.163.255.219
deny from 47.88.4.36
deny from 95.163.255.206
deny from 95.163.255.208
deny from 120.230.60.46
deny from 95.163.255.212
deny from 95.163.255.213
deny from 95.163.255.218
deny from 95.163.255.199
deny from 95.163.255.207
deny from 95.163.255.221
deny from 178.220.112.239
deny from 50.195.185.123
deny from 172.58.24.57
deny from 100.0.77.198
deny from 199.193.235.60
deny from 74.136.65.33
deny from 176.67.86.106
deny from 99.76.17.160
deny from 47.203.212.48
deny from 76.78.70.56
deny from 73.231.61.66
deny from 24.0.245.24
deny from 84.247.50.242
deny from 72.89.90.82
deny from 107.11.81.7
deny from 149.34.194.178
deny from 77.219.2.115
deny from 50.4.196.221
deny from 66.225.69.164
deny from 99.76.17.164
deny from 67.214.6.209
deny from 149.34.222.81
deny from 5.182.114.133
deny from 71.230.57.175
deny from 97.91.194.230
deny from 136.52.85.202
deny from 75.51.14.106
deny from 50.54.128.75
deny from 76.104.46.193
deny from 73.73.130.210
deny from 45.49.238.72
deny from 149.34.194.186
deny from 71.58.90.165
deny from 76.78.71.130
deny from 174.85.192.121
deny from 74.131.234.223
deny from 71.10.5.211
deny from 5.182.114.134
deny from 2.58.56.135
deny from 71.75.192.21
deny from 23.241.77.105
deny from 73.43.43.125
deny from 148.59.73.59
deny from 75.31.24.135
deny from 75.89.206.80
deny from 216.131.88.28
deny from 149.34.194.201
deny from 67.7.98.153
deny from 216.82.197.94
deny from 162.254.123.166
deny from 73.241.208.10
deny from 174.85.228.156
deny from 149.34.194.208
deny from 67.235.194.200
deny from 75.51.14.10
deny from 172.58.88.213
deny from 132.147.18.107
deny from 47.201.231.105
deny from 70.15.61.141
deny from 58.245.176.59
deny from 114.119.144.233
deny from 114.119.147.110
deny from 136.243.228.197
deny from 149.5.4.211
deny from 136.243.228.194
deny from 80.246.31.56
deny from 143.255.58.57
deny from 64.124.8.33
deny from 129.56.72.238
deny from 161.156.29.33
deny from 61.190.56.216
deny from 213.226.123.196
deny from 117.58.243.106
deny from 206.81.13.133
deny from 23.100.232.233
deny from 58.245.156.193
deny from 216.131.68.18
deny from 195.154.122.108
deny from 95.163.255.203
deny from 86.57.103.181
deny from 95.163.255.231
deny from 95.163.255.229
deny from 168.119.68.246
deny from 95.163.255.233
deny from 95.163.255.239
deny from 95.163.255.17
deny from 95.163.255.209
deny from 95.163.255.225
deny from 95.163.255.211
deny from 20.254.24.220
deny from 95.163.255.236
deny from 95.163.255.230
deny from 95.163.255.0
deny from 195.154.123.60
deny from 95.108.213.28
deny from 95.108.213.65
deny from 95.108.213.52
deny from 5.45.207.98
deny from 45.133.192.171
deny from 176.67.82.3
deny from 185.147.212.54
deny from 119.128.222.150
deny from 194.150.167.108
deny from 91.197.235.140
deny from 203.117.17.37
deny from 87.250.224.91
deny from 45.87.214.81
deny from 212.200.181.50
deny from 223.213.160.214
deny from 195.154.122.136
deny from 195.154.122.164
deny from 103.166.253.90
deny from 168.119.65.124
deny from 82.193.104.168
deny from 141.94.1.96
deny from 156.220.242.55
deny from 31.210.38.239
deny from 207.241.234.159
deny from 109.93.201.194
deny from 168.119.65.117
deny from 92.62.121.150
deny from 185.108.107.55
deny from 185.108.106.230
deny from 216.131.109.161
deny from 195.154.122.59
deny from 185.245.84.56
deny from 185.174.159.18
deny from 185.220.101.27
deny from 177.105.215.151
deny from 168.119.65.49
deny from 111.119.187.7
deny from 168.119.68.121
deny from 117.91.65.116
deny from 168.119.68.182
deny from 168.119.65.115
deny from 168.119.65.51
deny from 95.163.255.205
deny from 212.200.65.93
deny from 95.163.255.238
deny from 95.163.255.222
deny from 95.163.255.235
deny from 95.163.255.210
deny from 95.163.255.201
deny from 95.163.255.226
deny from 95.163.255.1
deny from 132.145.9.5
deny from 95.163.255.223
deny from 168.119.65.44
deny from 95.163.255.234
deny from 95.163.255.228
deny from 95.163.255.200
deny from 95.163.255.220
deny from 209.126.119.213
deny from 95.163.255.124
deny from 95.163.255.215
deny from 54.36.148.97
deny from 95.163.255.224
deny from 95.163.255.217
deny from 95.163.255.123
deny from 95.163.255.204
deny from 95.163.255.227
deny from 95.163.255.232
deny from 20.224.247.238
deny from 95.163.255.214
deny from 95.163.255.202
deny from 180.92.235.242
deny from 168.119.68.241
deny from 140.238.94.137
deny from 87.116.164.84
deny from 185.25.119.57
deny from 20.205.42.232
deny from 20.206.96.77
deny from 24.109.252.48
deny from 200.16.68.111
deny from 168.119.68.238
deny from 145.40.121.73
deny from 66.50.36.90
deny from 185.220.100.249
deny from 20.187.70.249
deny from 20.205.43.55
deny from 51.103.20.134
deny from 20.43.57.235
deny from 45.119.212.189
deny from 168.119.65.126
deny from 195.154.122.57
deny from 82.114.168.124
deny from 85.10.57.224
deny from 195.154.122.2
deny from 109.122.102.42
deny from 168.119.68.243
deny from 113.53.238.204
deny from 54.161.41.102
deny from 152.67.138.180
deny from 199.33.68.13
deny from 168.119.68.172
deny from 168.119.65.114
deny from 195.154.126.98
deny from 132.145.11.125
deny from 168.119.64.247
deny from 54.195.179.40
deny from 132.145.67.248
deny from 107.181.189.148
deny from 13.66.139.4
deny from 49.207.180.238
deny from 140.238.95.47
deny from 176.241.52.213
deny from 102.135.169.114
deny from 114.119.146.94
deny from 212.200.247.95
deny from 103.120.222.141
deny from 140.238.95.199
deny from 103.3.225.201
deny from 5.255.231.109
deny from 185.99.3.196
deny from 87.116.165.32
deny from 20.169.12.166
deny from 37.19.108.152
deny from 77.253.227.191
deny from 102.53.13.138
deny from 140.238.81.78
deny from 216.151.184.104
deny from 195.154.122.188
deny from 168.119.68.244
deny from 195.154.122.222
deny from 185.191.171.16
deny from 185.191.171.2
deny from 45.57.247.35
deny from 114.218.108.217
deny from 87.250.224.46
deny from 85.208.98.53
deny from 37.239.28.29
deny from 212.200.181.114
deny from 196.217.76.71
deny from 143.198.37.218
deny from 212.200.181.200
deny from 103.197.206.89
deny from 132.145.64.33
deny from 49.0.35.178
deny from 118.179.112.114
deny from 58.84.32.49
deny from 85.208.98.17
deny from 168.119.68.188
deny from 168.119.68.180
deny from 109.245.37.177
deny from 13.66.139.11
deny from 168.119.68.124
deny from 168.119.68.190
deny from 154.54.249.196
deny from 80.94.92.21
deny from 24.135.73.240
deny from 185.191.171.41
deny from 185.191.171.3
deny from 47.104.219.18
deny from 85.208.98.18
deny from 5.45.207.87
deny from 87.250.224.160
deny from 5.45.207.143
deny from 87.250.224.125
deny from 87.250.224.56
deny from 216.244.66.203
deny from 213.180.203.23
deny from 5.45.207.130
deny from 87.250.224.79
deny from 87.250.224.117
deny from 87.250.224.147
deny from 95.108.213.29
deny from 5.45.207.142
deny from 87.250.224.150
deny from 5.45.207.104
deny from 95.108.213.13
deny from 87.250.224.71
deny from 87.250.224.191
deny from 87.250.224.73
deny from 213.180.203.82
deny from 87.250.224.41
deny from 87.250.224.179
deny from 5.45.207.146
deny from 95.108.213.36
deny from 87.250.224.187
deny from 5.45.207.92
deny from 5.45.207.145
deny from 5.45.207.95
deny from 87.250.224.102
deny from 14.120.116.49
deny from 216.244.66.228
deny from 168.119.68.176
deny from 5.45.207.117
deny from 109.238.247.83
deny from 185.191.171.14
deny from 185.191.171.39
deny from 185.191.171.11
deny from 185.191.171.6
deny from 183.155.27.168
deny from 82.102.23.75
deny from 185.191.171.13
deny from 185.191.171.44
deny from 168.119.65.61
deny from 37.120.218.111
deny from 185.191.171.8
deny from 60.181.32.189
deny from 185.191.171.23
deny from 185.191.171.9
deny from 185.191.171.24
deny from 107.180.107.67
deny from 185.191.171.36
deny from 185.191.171.43
deny from 168.119.68.173
deny from 185.191.171.1
deny from 185.191.171.26
deny from 91.243.81.234
deny from 185.191.171.40
deny from 168.119.64.251
deny from 132.145.15.209
deny from 185.191.171.25
deny from 213.180.203.84
deny from 195.154.123.30
deny from 185.191.171.4
deny from 195.154.123.12
deny from 185.191.171.34
deny from 216.131.110.150
deny from 168.119.65.119
deny from 95.181.237.10
deny from 168.119.65.118
deny from 185.191.171.42
deny from 90.101.73.32
deny from 46.140.11.186
deny from 185.191.171.22
deny from 168.119.68.120
deny from 195.154.123.117
deny from 185.191.171.19
deny from 136.243.228.182
deny from 185.191.171.15
deny from 185.191.171.33
deny from 132.145.66.116
deny from 160.152.41.4
deny from 114.119.146.87
deny from 180.92.239.210
deny from 152.67.137.35
deny from 185.191.171.37
deny from 168.119.65.110
deny from 100.26.127.17
deny from 185.191.171.5
deny from 132.145.14.70
deny from 136.243.228.181
deny from 5.255.231.113
deny from 5.255.231.104
deny from 195.154.122.198
deny from 185.191.171.38
deny from 113.80.63.171
deny from 216.131.108.34
deny from 195.154.122.232
deny from 216.131.120.60
deny from 168.119.68.184
deny from 185.191.171.17
deny from 216.131.111.33
deny from 13.66.139.5
deny from 185.191.171.45
deny from 168.119.68.186
deny from 154.54.249.208
deny from 27.147.170.81
deny from 195.201.175.102
deny from 105.112.213.210
deny from 168.119.68.245
deny from 185.191.171.20
deny from 132.145.66.156
deny from 185.191.171.21
deny from 52.158.233.131
deny from 195.154.122.98
deny from 91.245.38.160
deny from 105.155.56.251
deny from 168.119.65.116
deny from 195.154.122.163
deny from 157.90.181.220
deny from 20.122.163.70
deny from 87.250.224.24
deny from 5.45.207.103
deny from 87.250.224.162
deny from 5.255.231.117
deny from 5.255.231.133
deny from 5.255.231.206
deny from 95.108.213.48
deny from 87.250.224.51
deny from 5.45.207.151
deny from 87.250.224.64
deny from 5.255.231.125
deny from 213.180.203.76
deny from 5.45.207.91
deny from 95.108.213.68
deny from 87.250.224.13
deny from 5.45.207.89
deny from 95.108.213.74
deny from 5.45.207.71
deny from 87.250.224.39
deny from 5.255.231.120
deny from 5.255.231.107
deny from 5.45.207.106
deny from 87.250.224.110
deny from 87.250.224.85
deny from 87.250.224.149
deny from 5.45.207.138
deny from 87.250.224.152
deny from 87.250.224.55
deny from 87.250.224.127
deny from 87.250.224.161
deny from 185.191.171.18
deny from 205.185.223.135
deny from 216.131.111.149
deny from 87.250.224.116
deny from 192.200.158.122
deny from 216.151.183.40
deny from 135.181.136.229
deny from 195.154.123.92
deny from 103.81.92.54
deny from 51.105.36.91
deny from 27.147.184.218
deny from 34.70.74.37
deny from 35.192.105.158
deny from 85.208.98.31
deny from 85.208.98.22
deny from 185.191.171.35
deny from 185.191.171.7
deny from 94.109.188.131
deny from 157.90.181.219
deny from 41.142.112.147
deny from 13.66.139.12
deny from 65.21.226.48
deny from 173.195.15.125
deny from 168.119.65.52
deny from 85.208.98.16
deny from 85.208.98.20
deny from 85.208.98.24
deny from 85.208.98.29
deny from 85.208.98.19
deny from 183.12.236.238
deny from 216.131.87.77
deny from 185.191.171.12
deny from 185.242.7.25
deny from 216.131.107.215
deny from 185.191.171.10
deny from 103.102.252.200
deny from 8.210.162.129
deny from 122.4.101.123
deny from 27.147.169.208
deny from 2600:1f16:9d7:1800:23f7:b1c0:5e2b:f1c3
deny from 2601:2c6:4300:3a70:9d07:bfad:16b:1aa6
deny from 2600:8801:2e80:14f0:3492:e780:d768:2b29
deny from 2604:2d80:c007::2094:58c4:b8e2:bbc0
deny from 2601:1c2:1380:1d40:7c5f:424f:c10a:f688
deny from 2601:5c8:200:42e0:2d96:c429:e1ea:149d
deny from 2601:842:c101:13c0:fd9c:bb4:75a:1cb3
deny from 2605:9480:12c:2b50:e15c:eda6:4028:425
deny from 2601:89:8300:1200:350e:f5e7:b3b8:880f
deny from 2601:547:1300:10d0:4844:4b01:38a5:e235
deny from 2601:589:4102:6e08:1c6a:25ae:cd5:efd
deny from 2607:fb90:8a80:8428:4f:1137:a1d2:3f46
deny from 2600:1700:4990:6600:3d8b:54e6:e78f:d0a9
deny from 2001:558:6031:63:89aa:5b85:b5a6:ba87
deny from 2603:8080:d502:ffaa:c8df:7b8c:82e9:d2dc
deny from 2607:9e80:1209:6f80:b49d:9f99:8e7b:4024
deny from 2601:19b:b00:1030:bc39:3d78:649f:591e
deny from 2600:8801:432:5d00:cc8f:645:cbe3:cbb1
deny from 2600:1017:a800:233a:71d7:9beb:5bbd:d70
deny from 2601:589:8401:35c0:f1d0:d89:9a8e:11b2
deny from 2604:2d80:8820::8885:6f63:8441:63dc
deny from 2604:2d80:403c::f851:5ab6:c2db:86
deny from 2600:4040:101b:a300:c873:61fa:95e2:19b0
deny from 2601:19b:b00:1030:50fd:43d1:960b:8363
deny from 2604:2d80:4003::7111:d31b:4b4a:4303
deny from 2600:1700:7e68:8710:21ce:a7ea:1350:7cb5
deny from 2601:344:c000:f410:99ca:421d:c5f1:b27b
deny from 2601:701:201:5210:2403:aa01:37c5:809b
deny from 2600:4040:2b47:e600:b0fc:1b32:cf50:df2d
deny from 2600:1700:20b0:8810:6d0d:1379:a4b3:1c2c
deny from 2604:4300:a:224:20f9:ddd6:f8e4:9a97
deny from 2001:1c06:200a:2300:789e:88a4:d128:3864
deny from 2600:3c03::f03c:91ff:fe58:991e
deny from 2001:ac8:25:3000::25af
deny from 2600:3c03::f03c:91ff:fe58:9936
deny from 2804:431:c7f2:49d2:c40a:62b7:8279:e5cd
deny from 2a03:2880:20ff:14::face:b00c
deny from 2001:1c06:200a:2300:8932:290e:5c10:5aeb
deny from 2a01:4f8:212:246a::2
deny from 2a02:c7e:3cb8:cc00:514e:b253:1c60:47d9
##############
#
# User Submitted Blacklist IPs: 241 ip (09 September 2022 - 19 September 2022)
#
deny from 2.133.253.46
deny from 3.15.159.190
deny from 3.139.230.203
deny from 3.140.58.6
deny from 3.217.154.95
deny from 5.9.154.204
deny from 5.29.15.169
deny from 5.62.49.38
deny from 8.242.215.133
deny from 15.204.4.204
deny from 17.121.113.203
deny from 20.39.221.225
deny from 20.90.110.0
deny from 20.172.9.237
deny from 23.82.17.9
deny from 23.88.75.72
deny from 23.94.200.20
deny from 23.95.107.141
deny from 23.95.239.185
deny from 27.110.40.10
deny from 27.157.235.0
deny from 27.157.236.0
deny from 34.76.75.249
deny from 37.139.53.40
deny from 38.125.71.19
deny from 41.92.40.55
deny from 41.93.82.7
deny from 43.205.95.5
deny from 45.12.31.249
deny from 45.14.50.156
deny from 45.33.60.45
deny from 45.88.97.0
deny from 45.164.223.255
deny from 46.229.169.153
deny from 51.38.207.202
deny from 51.178.13.168
deny from 52.19.101.114
deny from 54.70.53.60
deny from 54.85.195.249
deny from 54.148.192.94
deny from 58.69.126.42
deny from 59.120.118.168
deny from 62.138.2.160
deny from 65.108.72.208
deny from 65.154.226.109
deny from 66.227.167.92
deny from 69.16.249.242
deny from 73.213.162.204
deny from 74.50.117.113
deny from 76.19.199.17
deny from 77.55.213.150
deny from 77.55.216.120
deny from 78.142.57.137
deny from 80.76.51.157
deny from 82.193.104.168
deny from 83.238.47.247
deny from 84.120.48.177
deny from 88.99.81.72
deny from 92.53.96.243
deny from 93.87.152.207
deny from 94.130.191.31
deny from 95.91.225.247
deny from 95.108.213.0
deny from 95.163.40.13
deny from 96.45.167.226
deny from 97.79.239.127
deny from 98.58.210.213
deny from 101.68.211.2
deny from 103.45.64.107
deny from 103.66.5.77
deny from 103.89.170.237
deny from 103.153.76.171
deny from 103.179.56.97
deny from 103.241.73.59
deny from 104.18.6.174
deny from 104.21.20.16
deny from 104.21.22.96
deny from 104.21.29.17
deny from 104.21.32.199
deny from 104.21.36.253
deny from 104.21.45.35
deny from 104.21.52.50
deny from 104.21.53.80
deny from 104.21.55.137
deny from 104.21.87.22
deny from 104.21.87.139
deny from 104.129.5.76
deny from 104.129.8.85
deny from 104.129.12.77
deny from 104.165.101.192
deny from 105.224.1.27
deny from 107.175.91.182
deny from 107.178.207.72
deny from 107.189.8.66
deny from 108.62.139.2
deny from 108.174.60.221
deny from 108.178.39.50
deny from 115.144.69.112
deny from 116.251.204.135
deny from 117.28.87.99
deny from 117.29.75.92
deny from 117.29.94.3
deny from 117.31.52.0
deny from 120.34.198.30
deny from 121.200.60.27
deny from 121.206.251.20
deny from 122.56.26.179
deny from 122.161.66.219
deny from 123.209.201.242
deny from 125.79.200.19
deny from 131.221.217.139
deny from 136.243.220.213
deny from 138.219.41.142
deny from 139.224.228.165
deny from 144.217.181.84
deny from 150.95.78.176
deny from 150.109.146.158
deny from 150.230.247.143
deny from 154.198.247.77
deny from 154.222.238.46
deny from 155.94.128.139
deny from 155.94.163.19
deny from 155.94.184.62
deny from 156.96.56.3
deny from 157.90.124.40
deny from 157.148.40.30
deny from 157.231.15.67
deny from 159.65.252.223
deny from 159.69.73.203
deny from 159.183.194.81
deny from 159.223.131.40
deny from 161.35.103.104
deny from 167.160.188.208
deny from 167.248.133.44
deny from 171.241.154.145
deny from 172.67.139.191
deny from 172.67.143.132
deny from 172.67.148.216
deny from 172.67.154.179
deny from 172.67.171.63
deny from 172.67.190.207
deny from 172.67.201.161
deny from 172.67.204.40
deny from 172.67.208.194
deny from 172.104.81.115
deny from 172.245.57.168
deny from 172.245.60.105
deny from 173.225.198.25
deny from 173.248.133.181
deny from 175.100.20.253
deny from 175.170.38.182
deny from 176.108.124.247
deny from 177.53.51.52
deny from 177.91.32.16
deny from 178.62.55.164
deny from 178.62.232.252
deny from 178.169.106.156
deny from 178.176.175.104
deny from 178.176.175.177
deny from 178.208.71.23
deny from 179.60.150.123
deny from 183.136.225.44
deny from 185.30.176.74
deny from 185.30.176.240
deny from 185.30.177.236
deny from 185.100.85.22
deny from 185.153.181.5
deny from 185.191.171.7
deny from 185.191.171.15
deny from 185.191.171.33
deny from 185.191.171.35
deny from 185.216.71.0
deny from 185.245.182.166
deny from 186.125.253.171
deny from 187.9.172.186
deny from 188.93.88.99
deny from 188.114.96.14
deny from 188.162.43.72
deny from 188.227.84.80
deny from 189.156.142.76
deny from 189.163.142.0
deny from 190.64.204.46
deny from 190.107.177.243
deny from 192.3.62.246
deny from 192.3.143.216
deny from 192.3.171.217
deny from 192.3.255.153
deny from 192.30.83.188
deny from 192.30.83.245
deny from 192.95.39.223
deny from 192.115.100.180
deny from 192.146.243.88
deny from 192.151.156.186
deny from 192.227.165.98
deny from 192.227.234.148
deny from 192.232.216.124
deny from 193.19.118.231
deny from 193.140.164.58
deny from 194.160.4.206
deny from 194.163.132.194
deny from 198.23.187.154
deny from 198.23.188.136
deny from 198.23.188.149
deny from 198.244.216.42
deny from 198.252.101.206
deny from 199.34.228.75
deny from 200.89.153.30
deny from 201.158.48.90
deny from 204.44.95.155
deny from 205.169.39.190
deny from 205.213.108.196
deny from 207.244.235.38
deny from 208.91.199.220
deny from 209.13.185.194
deny from 210.154.254.238
deny from 211.249.221.105
deny from 212.8.244.146
deny from 212.32.235.171
deny from 213.184.202.6
deny from 216.127.169.72
deny from 217.21.74.172
deny from 217.26.213.77
deny from 2001:41d0:203:5430::
deny from 2606:4700:3033::ac43:d0c2
deny from 2606:4700:3037::ac43:ab3f
deny from 2606:4700:3035::ac43:8f84
deny from 2606:4700:3031::ac43:becf
deny from 2606:4700:3030::ac43:94d8
deny from 2606:4700:3031::ac43:8bbf
deny from 2606:4700:3036::ac43:c9a1
deny from 2606:4700:3037::ac43:cc28
deny from 2606:4700:3036::ac43:9ab3
deny from 2606:4700:3033::6815:24fd
deny from 2606:4700:3035::6815:3789
deny from 2606:4700:3033::6815:1410
deny from 2606:4700:3031::6815:1660
deny from 2606:4700:3031::6815:5716
deny from 2606:4700:3037::6815:578b
deny from 2606:4700:3034::6815:1d11
deny from 2606:4700:3037::6815:20c7
deny from 2606:4700:3035::6815:2d23