Friday, December 4, 2020
What is .htaccess?
.htaccess is a per-directory configuration file for the Apache web server. When a .htaccess file is placed in a web directory, Apache reads it on each request and applies its directives to that directory and its subdirectories (provided the main server configuration allows overrides there). .htaccess files therefore provide a way to change web server configuration without editing the main server config.
Custom Directory Index Files
DirectoryIndex index.php index.html index.htm
Prevent Directory Listing
Options -Indexes
Force www or non-www
You can choose whether your site is served as www or non-www by using .htaccess: whichever form a user types, the address shown in the browser is redirected to the form you picked.
Whether to use www.example.com or example.com is your choice; the rules below enforce it.
# Force www (redirect example.com to www.example.com)
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
# Force non-www (redirect www.example.com to example.com); use one of the two pairs, not both, or the redirects loop
RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Custom Error Page
You can set up custom error pages for your website. If you do not set them, your website displays the default error pages provided by your hosting provider. With a .htaccess file you can point each status code at your own page; the path must start with a slash so that Apache treats it as a local URL rather than a literal message.
ErrorDocument 400 /error/400-badrequest.php
ErrorDocument 401 /error/401-authorizationrequired.php
ErrorDocument 403 /error/403-forbidden.php
ErrorDocument 404 /error/404-notfound.php
ErrorDocument 500 /error/500-servererror.php
# Enable rewrite engine
RewriteEngine On
# Block suspicious request methods
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F,L]
# Block WP timthumb hack ([S=1] skips the next rule for requests that match)
RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
RewriteRule . - [S=1]
# Block suspicious user agents and requests (regex metacharacters must stay backslash-escaped,
# otherwise patterns such as "(|" match every request and the final rule returns 403 for everyone)
RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR]
RewriteCond %{THE_REQUEST} \/\*\ HTTP/ [NC,OR]
RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
RewriteCond %{THE_REQUEST} (%0A|%0D) [NC,OR]
# Block MySQL injections, RFI, base64, etc.
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\./?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
RewriteCond %{QUERY_STRING} =PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
RewriteCond %{QUERY_STRING} ftp: [NC,OR]
RewriteCond %{QUERY_STRING} http: [NC,OR]
RewriteCond %{QUERY_STRING} https: [NC,OR]
RewriteCond %{QUERY_STRING} =\|w\| [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C).*iframe.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
RewriteCond %{QUERY_STRING} (\./|\.\./|\.\.\./)+(motd|etc|bin) [NC,OR]
RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
RewriteRule ^(.*)$ - [F,L]
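Rule sets like the one above are usually copied from a web page, and copying tends to strip the backslashes that escape `(`, `)`, `[` and `|`. The result often still compiles, but a pattern such as `(;|<|>|'|"|)` or `=|w|` then matches the empty string, so the whole [OR] chain fires on every request and the final rule returns 403 to everyone. The following checker is an added example (not part of the original post): it parses `RewriteCond` lines, reports patterns that do not compile or that match the empty string, and runs over a constructed sample containing both the mangled and the correctly escaped forms. Python's `re` dialect stands in for Apache's PCRE; it is close enough for these rules but is a syntax check, not an Apache emulation.

```python
import re

# A RewriteCond line is: RewriteCond <TestString> <CondPattern> [flags]
# The CondPattern may contain backslash-escaped spaces (e.g. "\?\ HTTP/"), so the
# pattern token is "escaped character or non-space, repeated".
COND_LINE = re.compile(
    r"^\s*RewriteCond\s+(\S+)\s+((?:\\.|\S)+)(?:\s+\[([^\]]*)\])?\s*$"
)


def check_rewrite_conds(htaccess_text):
    """Return [(line_no, pattern, reason)] for RewriteCond patterns that either do
    not compile or match the empty string (and so would fire on every request).
    Comments, blank lines, RewriteRule and other directives are ignored."""
    problems = []
    for line_no, line in enumerate(htaccess_text.splitlines(), start=1):
        m = COND_LINE.match(line)
        if not m:
            continue
        pattern = m.group(2)
        # A leading '!' negates the condition and is not part of the regex.
        regex = pattern[1:] if pattern.startswith("!") else pattern
        try:
            compiled = re.compile(regex)
        except re.error as exc:
            problems.append((line_no, pattern, "does not compile: %s" % exc))
            continue
        if compiled.search("") is not None:
            problems.append((line_no, pattern, "matches the empty string"))
    return problems


# Constructed sample (not a real deployment): lines 3, 6 and 8 are the mangled
# copies, lines 5, 7 and 9 the correctly escaped originals.
SAMPLE_RULES = r'''RewriteEngine On
# user-agent rule after a copy/paste stripped its backslashes
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|)|(|%0A).*(wget|curl) [NC,OR]
# the same rule correctly escaped
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A).*(wget|curl) [NC,OR]
RewriteCond %{QUERY_STRING} =|w| [NC,OR]
RewriteCond %{QUERY_STRING} =\|w\| [NC,OR]
RewriteCond %{QUERY_STRING} concat[^(]*( [NC,OR]
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC]
RewriteCond %{REQUEST_URI} !honeypot\.php/
RewriteRule ^(.*)$ - [F,L]'''


if __name__ == "__main__":
    for line_no, pattern, reason in check_rewrite_conds(SAMPLE_RULES):
        print("line %d: %s -> %s" % (line_no, pattern, reason))
```

Run it against your own .htaccess before deploying a copied rule set; a pattern reported as matching the empty string is the usual reason a "security" snippet suddenly locks every visitor out.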
.htaccess Code to Block SQL Injection Attacks in QUERY_STRING
##### Redirect If QUERY_STRING Has SQL Injection To Honeypot -- START
#QUERY_STRING contains everything in the URL after the "?" ex.) mydomain.com/test.php?test=test
#Excluded the commands like, version, update, insert, and set because they are common words and have caused false positives
RewriteCond %{QUERY_STRING} !^$
RewriteCond %{REQUEST_URI} !honeypot.php/
RewriteCond %{QUERY_STRING} union [NC,OR]
RewriteCond %{QUERY_STRING} select [NC,OR]
RewriteCond %{QUERY_STRING} cast [NC,OR]
RewriteCond %{QUERY_STRING} declare [NC,OR]
RewriteCond %{QUERY_STRING} drop [NC,OR]
RewriteCond %{QUERY_STRING} md5 [NC,OR]
RewriteCond %{QUERY_STRING} benchmark [NC,OR]
RewriteCond %{QUERY_STRING} table [NC,OR]
RewriteCond %{QUERY_STRING} column [NC,OR]
RewriteCond %{QUERY_STRING} distinct [NC,OR]
RewriteCond %{QUERY_STRING} substr [NC,OR]
RewriteCond %{QUERY_STRING} concat [NC,OR]
RewriteCond %{QUERY_STRING} schema [NC,OR]
RewriteCond %{QUERY_STRING} hex [NC,OR]
RewriteCond %{QUERY_STRING} truncate [NC,OR]
RewriteCond %{QUERY_STRING} convert [NC,OR]
RewriteCond %{QUERY_STRING} exec [NC,OR]
RewriteCond %{QUERY_STRING} passthru [NC,OR]
RewriteCond %{QUERY_STRING} system [NC,OR]
RewriteCond %{QUERY_STRING} popen [NC,OR]
RewriteCond %{QUERY_STRING} proc [NC,OR]
RewriteCond %{QUERY_STRING} load [NC,OR]
RewriteCond %{QUERY_STRING} between [NC,OR]
RewriteCond %{QUERY_STRING} null [NC,OR]
RewriteCond %{QUERY_STRING} delay [NC,OR]
RewriteCond %{QUERY_STRING} char [NC,OR]
RewriteCond %{QUERY_STRING} sleep [NC,OR]
RewriteCond %{QUERY_STRING} schema [NC,OR]
RewriteCond %{QUERY_STRING} unhex [NC]
RewriteRule ^(.*)$ /honeypot.php/ [NC,L]
##### Redirect If QUERY_STRING Has SQL Injection To Honeypot -- END
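The honeypot rule above matches each keyword as an unanchored, case-insensitive substring of the raw query string, which is why the author already had to drop "version", "update", "insert" and "set" for false positives; the remaining list still fires on ordinary words such as "newcastle" (cast), "charcoal" (char) or "download" (load). The simulation below is an added example, not code from the post: it reproduces the rule's three guard conditions in Python, runs it over constructed sample requests, and compares it with a whole-word variant (an assumption of this example, not something the post proposes) applied to the percent-decoded query.

```python
import re
from urllib.parse import unquote

# Keyword list copied from the honeypot rule above (substring, case-insensitive).
HONEYPOT_KEYWORDS = [
    "union", "select", "cast", "declare", "drop", "md5", "benchmark", "table",
    "column", "distinct", "substr", "concat", "schema", "hex", "truncate",
    "convert", "exec", "passthru", "system", "popen", "proc", "load",
    "between", "null", "delay", "char", "sleep", "unhex",
]

# Mirrors the RewriteCond chain: every keyword is an unanchored regex, OR'd together.
SUBSTRING_RULE = re.compile(
    "|".join(re.escape(k) for k in HONEYPOT_KEYWORDS), re.IGNORECASE
)

# Tightened variant (assumption of this example): whole words only, evaluated on
# the decoded query so that %20 and '+' separators count as word boundaries.
WORD_RULE = re.compile(
    r"\b(?:" + "|".join(re.escape(k) for k in HONEYPOT_KEYWORDS) + r")\b",
    re.IGNORECASE,
)


def apache_decision(query_string, request_uri="/index.php"):
    """True if the post's rule would redirect this request to the honeypot.

    Guards as in the rule set: QUERY_STRING must be non-empty, REQUEST_URI must
    not already be the honeypot, and a keyword must match the *raw* query string
    (Apache does not URL-decode %{QUERY_STRING})."""
    if query_string == "":
        return False
    if "honeypot.php/" in request_uri:
        return False
    return SUBSTRING_RULE.search(query_string) is not None


def word_decision(query_string, request_uri="/index.php"):
    """Same guards, whole-word matching on the percent-decoded query."""
    if query_string == "":
        return False
    if "honeypot.php/" in request_uri:
        return False
    decoded = unquote(query_string.replace("+", " "))
    return WORD_RULE.search(decoded) is not None


# Constructed sample requests: (query_string, is_injection_attempt)
SAMPLES = [
    ("id=1%20union%20select%20user,pass%20from%20users", True),
    ("id=1+UNION+SELECT+1,2,3", True),
    ("q=newcastle", False),       # benign, contains "cast"
    ("item=procedures", False),   # benign, contains "proc"
    ("color=charcoal", False),    # benign, contains "char"
    ("page=download", False),     # benign, contains "load"
    ("lang=en", False),
]


def evaluate(rule):
    """Apply a decision function to SAMPLES; return (true_positives, false_positives)."""
    tp = sum(1 for qs, bad in SAMPLES if bad and rule(qs))
    fp = sum(1 for qs, bad in SAMPLES if not bad and rule(qs))
    return tp, fp


if __name__ == "__main__":
    for name, rule in (("substring", apache_decision), ("whole-word", word_decision)):
        tp, fp = evaluate(rule)
        print("%s: %d injections caught, %d benign requests sent to the honeypot" % (name, tp, fp))
```

Whole-word matching removes the four false positives in this sample while still catching both injection attempts, but it is only a narrower substring check: it does not understand SQL, and a request that splits or encodes keywords differently will not match either rule. Treat .htaccess keyword rules as a noisy early-warning layer, and log what the honeypot receives rather than trusting the rule as the only control.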
Sunday, February 24, 2019
It has many commands and information-gathering features, as follows:
1 – [+] Dns Lookup
2 – [+] Whois Lookup
3 – [+] Nmap scan
4 – [+] Zone Transfer Lookup
5 – [+] Shared DNS server lookup
6 – [+] Web Scrapper
7 – [+] Reverse DNS lookup
8 – [+] Subnet calculator
9 – [+] Admin panel finder (with Screenshots)
10 – [+] Directory Bruteforce (with Screenshots)
11 – [+] Configuration Files Finder
12 – [+] HTTP Header Information
13 – [+] GeoIp Lookup
14 – [+] Find/Analyze Content Management System (CMS)
15 – [+] Email Hunter (find emails of the company)
16 – [+] Use Rapid7 Open Data's Project Sonar for Finding Subdomains
17 – [+] Use Virustotal API for Finding subdomains
18 – [+] Use Threatcrowd’s API for Finding subdomains
19 – [+] Run All scans
Wednesday, January 23, 2019
freevulnsearch
This is an NMAP NSE script that is part of the OCSAF project (website https://freecybersecurity.org). When run together with "-sV" in NMAP, the vulnerabilities relevant to the detected service versions are identified automatically using CVE (Common Vulnerabilities and Exposures), and the severity of each vulnerability is determined using CVSS (Common Vulnerability Scoring System). For the detailed view, the vulnerabilities are classified according to the OSSTMM framework.
Tuesday, January 15, 2019
Online security is something users care about a great deal, especially where personal data and payment information are concerned, and the choice between HTTP and HTTPS is one of the key factors in that security.
Internet users have probably run into security problems of this kind: some websites open to a screen with a red warning line and the message "This site can't provide a secure connection" or another message that prevents access to the site, and other websites show "Not Secure" in front of the address in the URL bar, which makes users wary.
The cause lies in each website's own security setup. You can see that insecure websites begin with HTTP only, while secure websites use HTTPS. So how do the two differ? Let's take a look.
HTTP (Hypertext Transfer Protocol) is the communication protocol used when you open a browser such as Chrome, Firefox or Internet Explorer to view information or websites. The browser uses HTTP to ask the server to send the data so that it can be displayed correctly on screen. The data is sent as clear text, without encryption, so it can be intercepted and read easily.