# -FrontPage-

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
IndexIgnore *.gif *.jpg *.html


# Remove below line if you see problem in apache 2
php_flag register_globals 0

php_flag zlib.output_compression on
php_value zlib.output_compression_level 6

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>


# PHP 4, Apache 1. 
<IfModule mod_php4.c> 
  php_value magic_quotes_gpc                0 
  php_value register_globals                0 
  php_value session.auto_start              0 
  php_value mbstring.http_input             pass 
  php_value mbstring.http_output            pass 
  php_value mbstring.encoding_translation   0 
</IfModule> 

# PHP 4, Apache 2. 
<IfModule sapi_apache2.c> 
  php_value magic_quotes_gpc                0 
  php_value register_globals                0 
  php_value session.auto_start              0 
  php_value mbstring.http_input             pass 
  php_value mbstring.http_output            pass 
  php_value mbstring.encoding_translation   0 
</IfModule> 

# PHP 5, Apache 1 and 2. 
<IfModule mod_php5.c> 
  php_value magic_quotes_gpc                0 
  php_value register_globals                0 
  php_value session.auto_start              0 
  php_value mbstring.http_input             pass 
  php_value mbstring.http_output            pass 
  php_value mbstring.encoding_translation   0 
</IfModule> 

Options +FollowSymLinks


RewriteEngine On 
RewriteCond %{SCRIPT_FILENAME} -f [OR] 
RewriteCond %{SCRIPT_FILENAME} -d 
RewriteRule .* - [L] 

RewriteRule ^([a-zA-Z_]*)/$ $1.php [QSA,L]
RewriteRule ^([a-zA-Z_]*)/([^/]*)/([^/]*)/$ $1.php?$2=$3 [QSA,L]
RewriteRule ^([a-zA-Z_]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/$ $1.php?$2=$3&$4=$5 [QSA,L]
RewriteRule ^([a-zA-Z_]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/$ $1.php?$2=$3&$4=$5&$6=$7 [QSA,L]
RewriteRule ^([a-zA-Z_]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/$ $1.php?$2=$3&$4=$5&$6=$7&$8=$9 [QSA,L]
RewriteRule ^([a-zA-Z_]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/$ $1.php?$2=$3&$4=$5&$6=$7&$8=$9&$10=$11 [QSA,L]




########## Begin - Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits