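<?php
// htaccess_protector.php
//
// Walks every <domain>/public_html directory under $rootPath, installs one of
// two .htaccess templates (WordPress or basic) and resets index.{php,html,htm}
// to mode 0644. Each action is appended to $logFile and echoed.
//
// The replacement is still unconditional, but an existing .htaccess is copied
// to a timestamped backup first so site-specific rules (redirects, cache or
// plugin rules) can be recovered.

// CONFIG
$rootPath = '/home/u523034047/domains/'; // Adjust if needed
$logFile = __DIR__ . "/htaccess_secure_log.txt"; // log file path

// Notes that apply to both templates:
// - They are nowdoc strings (<<<'EOD'), so "$" and "\" inside the regexes are
//   never treated as PHP interpolation or escapes.
// - "Order allow,deny" / "Deny from all" is Apache 2.2 syntax. On Apache 2.4 it
//   needs mod_access_compat; without that module the directives are rejected
//   and every request fails with a 500. The 2.4-native form is
//   "Require all denied". Confirm which applies on the target server.
// - "Block zip uploads" denies HTTP requests for *.zip files. It does not stop
//   a file from being uploaded; it only stops the archive from being fetched.
// - X-XSS-Protection is a legacy header that current browsers ignore; a
//   Content-Security-Policy is what limits script injection today.
// - The hidden-file RewriteRule returns 403 for every dot-path except
//   .well-known, which also covers the .htaccess.bak-* backups written below.

// WORDPRESS .htaccess
$wordpressHtaccess = <<<'EOD'
# Disable directory listing
Options -Indexes

# Protect hidden and sensitive files
<FilesMatch "(^\.htaccess|\.htpasswd|\.env|wp-config\.php)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Block access to hidden files (except .well-known)
RewriteEngine On
RewriteRule (^|/)\.(?!well-known) - [F]

# Security headers
<IfModule mod_headers.c>
    Header always set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Content-Type-Options "nosniff"
</IfModule>

# Block zip uploads
<FilesMatch "\.zip$">
    Order allow,deny
    Deny from all
</FilesMatch>

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
EOD;

// NON-WORDPRESS .htaccess
// The original template also carried a <Directory ~ "\.well-known"> section.
// Apache only accepts <Directory> in server or virtual-host configuration; in
// a .htaccess file it is a syntax error that turns every request for the site
// into a 500. It is dropped here: the RewriteRule's (?!well-known) exception
// already leaves .well-known reachable.
$basicHtaccess = <<<'EOD'
# Disable directory listing
Options -Indexes

# Protect hidden and sensitive files (except for well-known)
<FilesMatch "(^\.htaccess|\.htpasswd|\.env)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Block zip uploads
<FilesMatch "\.zip$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Security headers
<IfModule mod_headers.c>
    Header always set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Content-Type-Options "nosniff"
</IfModule>

# Block access to hidden files (except .well-known)
RewriteEngine On
RewriteRule (^|/)\.(?!well-known) - [F]
EOD;

/**
 * Append one timestamped line to the log file.
 *
 * A failed log write is reported on output instead of being ignored, so a
 * missing audit trail is visible to whoever runs the script.
 *
 * @param string $logFile Path of the log file.
 * @param string $message Text to record (without timestamp or newline).
 */
function htaccessProtectorLog(string $logFile, string $message): void
{
    $line = date("Y-m-d H:i:s") . " | " . $message . "\n";
    if (file_put_contents($logFile, $line, FILE_APPEND | LOCK_EX) === false) {
        echo "⚠️ Could not write to log file: $logFile\n";
    }
}

/**
 * Secure one domain: install the matching .htaccess and reset index files.
 *
 * An existing .htaccess that differs from the template is copied to
 * ".htaccess.bak-<Ymd-His>" before it is replaced. If the backup or the write
 * fails, the failure is logged and the domain is left as it was; nothing is
 * reported as secured.
 *
 * @param string $publicHtmlPath Web root of the domain (no trailing slash).
 * @param bool   $isWordPress    Selects $wpHtaccess when true, else $basicHtaccess.
 * @param string $wpHtaccess     .htaccess content for WordPress sites.
 * @param string $basicHtaccess  .htaccess content for all other sites.
 * @param string $logFile        Path of the log file to append to.
 */
function secureDomain(
    string $publicHtmlPath,
    bool $isWordPress,
    string $wpHtaccess,
    string $basicHtaccess,
    string $logFile
): void {
    $htaccessPath = $publicHtmlPath . '/.htaccess';
    $content = $isWordPress ? $wpHtaccess : $basicHtaccess;

    $hasExisting = is_file($htaccessPath);
    $existing = $hasExisting ? file_get_contents($htaccessPath) : false;

    // Skip the write when the file already matches, so repeated runs do not
    // pile up identical backups.
    if (!$hasExisting || $existing !== $content) {
        if ($hasExisting) {
            $backupPath = $htaccessPath . '.bak-' . date('Ymd-His');
            if (!copy($htaccessPath, $backupPath)) {
                htaccessProtectorLog($logFile, "FAILED to back up $htaccessPath; left unchanged");
                echo "❌ Could not back up $htaccessPath; left unchanged\n";
                return;
            }
            htaccessProtectorLog($logFile, "Backed up $htaccessPath to $backupPath");
        }

        // Force overwrite .htaccess (LOCK_EX avoids a half-written file being
        // read by a concurrent writer using the same lock).
        if (file_put_contents($htaccessPath, $content, LOCK_EX) === false) {
            htaccessProtectorLog($logFile, "FAILED to write $htaccessPath");
            echo "❌ Could not write $htaccessPath\n";
            return;
        }
    }

    // Now secure all index.* files. The three names are checked directly
    // rather than through glob(..., GLOB_BRACE), which is not available on
    // every platform and returns false on error.
    foreach (['php', 'html', 'htm'] as $extension) {
        $file = $publicHtmlPath . '/index.' . $extension;
        if (!is_file($file)) {
            continue;
        }

        // Set permissions -> only owner can write (rw-r--r--)
        // Owner=read/write, Group=read, Others=read
        if (!chmod($file, 0644)) {
            htaccessProtectorLog($logFile, "FAILED to chmod index file: $file");
            echo "❌ Could not chmod index file: $file\n";
            continue;
        }

        // If only the owner should have read/write and everyone else should
        // be denied:
        // chmod($file, 0600); // Owner=read/write, Group/Other=none

        htaccessProtectorLog($logFile, "Secured index file: $file (chmod 644)");
        echo "✔️ Secured index file: $file (chmod 644)\n";
    }

    // Prepare log
    $logMessage = date("Y-m-d H:i:s") . " | Secured: $publicHtmlPath (" . ($isWordPress ? "WordPress" : "Basic") . ")\n";
    if (file_put_contents($logFile, $logMessage, FILE_APPEND | LOCK_EX) === false) {
        echo "⚠️ Could not write to log file: $logFile\n";
    }
    echo "✔️ $logMessage";
}

// SCAN DOMAIN FOLDERS
// glob() returns false on error; treat that as "no domains" instead of
// passing false to array_filter().
$domainFolders = array_filter(glob($rootPath . '*') ?: [], 'is_dir');

foreach ($domainFolders as $domain) {
    $publicHtmlPath = $domain . '/public_html';

    if (is_dir($publicHtmlPath)) {
        // Detect WordPress
        $isWordPress = file_exists($publicHtmlPath . '/wp-config.php')
            || is_dir($publicHtmlPath . '/wp-includes');

        secureDomain($publicHtmlPath, $isWordPress, $wordpressHtaccess, $basicHtaccess, $logFile);
    }
}
?>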