> > > >


(ASK) cara memberi keamanan website
Kresna Offline
Mobile AppSec
45 - 700
#7
07-27-2013, 08:49 PM
Klo pake CMS yang paling utama menurut ane sih konfigurasi htaccessnya om ..
ini ane ada sedikit konfigurasi htaccess buat menghindari berbagai macam scanning Big Grin
Code:
<IfModule mod_rewrite.c>
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
RewriteCond %{HTTP:Acunetix-Product} ^WVS
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>

Penjelasan sedikit rules diatas untuk menolak user agent tertentu untuk mengscan web kita ..
info lengkapnya bisa baca disini http://www.askapache.com/htaccess/htaccess.html
Jangan Makan Tulang Kawan | Kurawa |
 
Find
Reply


Messages In This Thread
(ASK) cara memberi keamanan website - by tisati - 06-24-2013, 07:46 PM
RE: cara memberi keamanan website - by arfha - 06-24-2013, 08:14 PM
RE: (ASK) cara memberi keamanan website - by Kresna - 07-27-2013, 08:49 PM




Users browsing this thread: 1 Guest(s)