Securing Joomla! – .htaccess file

The last few weeks have seen a lot of chaos around insecure third-party Joomla! components. As a result, we have secured our site in every possible way, including with the well-known .htaccess file. Below is the version of the .htaccess file we use to keep our site secure. We suggest you do the same:


# Use Options
Options +FollowSymLinks

# mod_rewrite in use
RewriteEngine On

# Base location
RewriteBase /

# Begin Rules for rewrite
# Optional (see notes). Apache does not allow a comment on the same line as a directive.
RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR]
RewriteCond %{REQUEST_FILENAME} !\.(jpg|jpeg|gif|png|css|js|pl|txt)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php
# End Rules for rewrite

# Add .htc files
AddType text/x-component .htc

########## Begin – Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a
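
The two query-string conditions above, checked against constructed query strings in Python (an added example, not part of the original .htaccess). It assumes the base64_encode rule is meant to match literal parentheses, and shows how the same pattern behaves when they are left unescaped; the sample paths and parameter values are made up.

```python
import re
from urllib.parse import urlsplit

# Patterns copied from the two RewriteCond %{QUERY_STRING} lines on the page.
# Apache tests the raw (still percent-encoded) query string, so nothing is decoded.
RULES = {
    "mosConfig": re.compile(r"mosConfig_[a-zA-Z_]{1,21}(=|%3D)"),
    # Assumption: literal parentheses are intended, so they are escaped.
    "base64_encode": re.compile(r"base64_encode.*\(.*\)"),
}

# The same rule without backslashes: "(.*)" is then a group that can match
# nothing, so the pattern fires on any query containing "base64_encode".
UNESCAPED_BASE64 = re.compile(r"base64_encode.*(.*)")


def matched_rules(url, rules=RULES):
    """Return the names of the rules whose pattern matches the URL's query string."""
    query = urlsplit(url).query
    return [name for name, rx in rules.items() if rx.search(query)]


def loose_base64_match(url):
    """True if the unescaped base64_encode pattern would match the query string."""
    return UNESCAPED_BASE64.search(urlsplit(url).query) is not None


# Constructed sample requests (hypothetical paths, parameters and values).
SAMPLES = [
    "/index.php?option=com_content&task=view&id=5",
    "/index.php?option=com_x&mosConfig_absolute_path=PLACEHOLDER",
    "/index.php?mosConfig_live_site%3DPLACEHOLDER",
    "/index.php?q=base64_encode(PLACEHOLDER)",
    "/index.php?search=base64_encode+tutorial",
]

if __name__ == "__main__":
    for url in SAMPLES:
        hits = matched_rules(url)
        verdict = "BLOCK" if hits else "pass"
        print(f"{verdict:5} rules={hits} unescaped_base64={loose_base64_match(url)} {url}")
```

The last sample is an ordinary search request: the escaped rule lets it through, while the unescaped form would reject it.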
