Intrusion Detection System

[trialnick]

you do not need any plugins, just read here

http://perishablepress.com/press/2009/03...http://perishablepress.com/press/2009/03/16/the-perishable-press-4g-
and other themes about htaccess protection on blog.

Especially :

Code:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

# QUERY STRING EXPLOITS <IfModule mod_rewrite.c> RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} tag\= [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} mosConfig [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|'|"|;|\?|\*).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC] RewriteRule ^(.*)$ - [F,L] </IfModule>

---

Choose the lines that will suit your server&forum (eg. you shouldn't use SELECT  or INSERT  because it will conflict wth mybb queries; you can add in the same line: rlike and like)