Friday, December 4, 2020

15 Useful Htaccess Tips And Tricks

What is .htaccess?

.htaccess is a per-directory configuration file for the Apache web server. When a .htaccess file is placed in a web directory, Apache reads it on each request and applies its directives to that directory and everything below it. It therefore provides a way to change the server configuration without editing the main configuration files, as long as the server's AllowOverride setting permits it.

Custom Directory Index Files

DirectoryIndex index.php index.html index.htm

Prevent Directory Listing

Options -Indexes

Force www or non-www

You can decide whether visitors see your site as www.example.com or example.com: whichever form a user types into the browser, the rules below redirect them to the one you choose. Use only one of the two options; enabling both would redirect in a loop.

# Option A: redirect example.com to www.example.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

# Option B: redirect www.example.com to example.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]

Custom Error Page

You can set up custom error pages for your website. If you do not, your website shows the default error pages provided by your hosting provider. The following .htaccess directives point each status code at your own page; the path must start with a slash, otherwise Apache treats the text as a literal message to display rather than a page to serve.

ErrorDocument 400 /error/400-badrequest.php
ErrorDocument 401 /error/401-authorizationrequired.php
ErrorDocument 403 /error/403-forbidden.php
ErrorDocument 404 /error/404-notfound.php
ErrorDocument 500 /error/500-servererror.php


Stop SQL Injection from .htaccess

# Enable rewrite engine
RewriteEngine On

# Block suspicious request methods
# (HEAD is a legitimate method used by some monitors and browsers; remove it
# from the list if that matters for your site)
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F,L]

# Block WP timthumb hack
# (the widely copied version of this rule ends in [S=1], which skips the next
# rule instead of blocking; [F,L] returns 403 as the comment intends)
RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
RewriteRule . - [F,L]

# Block suspicious user agents and requests
# (user-agent strings are chosen by the client, so this only stops careless
# scanners, and it also blocks legitimate curl/wget/Python/Java clients)
RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR]
RewriteCond %{THE_REQUEST} /\*\ HTTP/ [NC,OR]
RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
RewriteCond %{THE_REQUEST} (%0A|%0D) [NC,OR]
# Block MySQL injections, RFI, base64, etc.
# (these are substring/regex matches on the raw query string; parameters that
# legitimately carry URLs or SQL-like words will be blocked too)
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
RewriteCond %{QUERY_STRING} =PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
RewriteCond %{QUERY_STRING} ftp: [NC,OR]
RewriteCond %{QUERY_STRING} http: [NC,OR]
RewriteCond %{QUERY_STRING} https: [NC,OR]
RewriteCond %{QUERY_STRING} =\|w\| [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C).*iframe.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
RewriteCond %{QUERY_STRING} (\./|\.\./|\.\.\./)+(motd|etc|bin) [NC,OR]
RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
RewriteRule ^(.*)$ - [F,L]

Web Security Techniques Using Apache .htaccess

.htaccess Code to Block SQL Injection Attacks in QUERY_STRING

##### Redirect If QUERY_STRING Has SQL Injection To Honeypot -- START
# QUERY_STRING contains everything in the URL after the "?", e.g. mydomain.com/test.php?test=test
# Keywords such as version, update, insert and set are deliberately left out: they are common
# English words and caused false positives. The remaining entries are still plain substring
# matches ("char" matches "character", "load" matches "downloads"), so check your own URLs
# before enabling this.
# The first two conditions (no [OR]) are ANDed with the whole [OR] chain that follows:
# a request is redirected only when the query string is non-empty, the request is not
# already for the honeypot, and at least one keyword appears.
RewriteEngine On
RewriteCond %{QUERY_STRING} !^$
RewriteCond %{REQUEST_URI} !honeypot\.php/
RewriteCond %{QUERY_STRING} union [NC,OR]
RewriteCond %{QUERY_STRING} select [NC,OR]
RewriteCond %{QUERY_STRING} cast [NC,OR]
RewriteCond %{QUERY_STRING} declare [NC,OR]
RewriteCond %{QUERY_STRING} drop [NC,OR]
RewriteCond %{QUERY_STRING} md5 [NC,OR]
RewriteCond %{QUERY_STRING} benchmark [NC,OR]
RewriteCond %{QUERY_STRING} table [NC,OR]
RewriteCond %{QUERY_STRING} column [NC,OR]
RewriteCond %{QUERY_STRING} distinct [NC,OR]
RewriteCond %{QUERY_STRING} substr [NC,OR]
RewriteCond %{QUERY_STRING} concat [NC,OR]
RewriteCond %{QUERY_STRING} schema [NC,OR]
RewriteCond %{QUERY_STRING} hex [NC,OR]
RewriteCond %{QUERY_STRING} truncate [NC,OR]
RewriteCond %{QUERY_STRING} convert [NC,OR]
RewriteCond %{QUERY_STRING} exec [NC,OR]
RewriteCond %{QUERY_STRING} passthru [NC,OR]
RewriteCond %{QUERY_STRING} system [NC,OR]
RewriteCond %{QUERY_STRING} popen [NC,OR]
RewriteCond %{QUERY_STRING} proc [NC,OR]
RewriteCond %{QUERY_STRING} load [NC,OR]
RewriteCond %{QUERY_STRING} between [NC,OR]
RewriteCond %{QUERY_STRING} null [NC,OR]
RewriteCond %{QUERY_STRING} delay [NC,OR]
RewriteCond %{QUERY_STRING} char [NC,OR]
RewriteCond %{QUERY_STRING} sleep [NC,OR]
RewriteCond %{QUERY_STRING} unhex [NC]
RewriteRule ^(.*)$ /honeypot.php/ [NC,L]
##### Redirect If QUERY_STRING Has SQL Injection To Honeypot -- END
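Both of the .htaccess rulesets above ("Stop SQL Injection from .htaccess" and the honeypot redirect) are pattern matches on the raw query string, and the practical question before deploying either is how many of your own legitimate URLs they would block. The following Python script is an added example, not code from the original post: it transcribes a representative subset of the first ruleset and the full keyword list of the honeypot ruleset, then runs both over a handful of constructed sample requests (the sample URIs and query strings are invented for this illustration, and the Python regexes are a transcription of the Apache PCRE patterns, not Apache itself).

```python
import re
from typing import List, Optional, Tuple

# A representative subset of the first ruleset, transcribed as Python regexes
# with the backslash escapes the Apache PCRE patterns need.
# The third field mirrors the [NC] (case-insensitive) flag of each RewriteCond.
STRICT_RULES: List[Tuple[str, str, bool]] = [
    ("remote file include", r"[a-zA-Z0-9_]=http://", False),
    ("directory traversal", r"(\.\./|\.\.)", False),
    ("script tag", r"(<|%3C).*script.*(>|%3E)", True),
    ("union select", r"union([^s]*s)+elect", True),
    ("mysql file functions", r"(NULL|OUTFILE|LOAD_FILE)", False),
    ("base64 call", r"base64_(en|de)code[^(]*\([^)]*\)", True),
]

# The bare keyword list of the honeypot ruleset. Every entry carries [NC] and
# RewriteCond does substring matching, so "char" also matches "character".
HONEYPOT_KEYWORDS = [
    "union", "select", "cast", "declare", "drop", "md5", "benchmark", "table",
    "column", "distinct", "substr", "concat", "schema", "hex", "truncate",
    "convert", "exec", "passthru", "system", "popen", "proc", "load",
    "between", "null", "delay", "char", "sleep", "unhex",
]


def strict_block_reason(query_string: str) -> Optional[str]:
    """Label of the first STRICT_RULES pattern that matches, else None.

    Like mod_rewrite, the patterns run against the raw, still percent-encoded
    query string, which is why 'UNION%20SELECT' is caught by union([^s]*s)+elect.
    """
    for label, pattern, nocase in STRICT_RULES:
        if re.search(pattern, query_string, re.IGNORECASE if nocase else 0):
            return label
    return None


def honeypot_keyword(request_uri: str, query_string: str) -> Optional[str]:
    """Mirror the honeypot ruleset's conditions.

    RewriteCond %{QUERY_STRING} !^$           -> an empty query string never matches
    RewriteCond %{REQUEST_URI} !honeypot.php/ -> the honeypot itself is exempt
    The remaining [OR] conditions are substring matches; the first keyword hit
    is returned (the rewrite to /honeypot.php/ would fire for that request).
    """
    if query_string == "" or "honeypot.php/" in request_uri:
        return None
    lowered = query_string.lower()
    for keyword in HONEYPOT_KEYWORDS:
        if keyword in lowered:
            return keyword
    return None


# Constructed sample requests (description, REQUEST_URI, QUERY_STRING); the
# ones marked "(legit)" are ordinary application URLs, not attack traffic.
SAMPLES = [
    ("ordinary id lookup", "/item.php", "id=42"),
    ("classic UNION SELECT probe", "/item.php", "id=1%20UNION%20SELECT%201,2,3"),
    ("path traversal probe", "/view.php", "file=../../etc/passwd"),
    ("login redirect parameter (legit)", "/login.php", "next=http://example.com/account"),
    ("bookshop search (legit)", "/search.php", "q=select+a+book"),
    ("downloads page (legit)", "/files.php", "page=downloads"),
]


def evaluate(samples=SAMPLES) -> List[Tuple[str, Optional[str], Optional[str]]]:
    """Run both rulesets: (description, strict reason or None, honeypot keyword or None)."""
    return [(desc, strict_block_reason(qs), honeypot_keyword(uri, qs))
            for desc, uri, qs in samples]


def false_positives(samples=SAMPLES) -> List[str]:
    """Descriptions of legitimate samples that at least one ruleset would block."""
    return [desc for desc, strict, honey in evaluate(samples)
            if "(legit)" in desc and (strict or honey)]


if __name__ == "__main__":
    for desc, strict, honey in evaluate():
        print(f"{desc:36} strict={strict!s:22} honeypot={honey}")
    print("false positives:", false_positives())
```

Running it shows the two probes being caught, but also all three legitimate samples being blocked: a redirect parameter trips the `=http://` rule, a search for "select a book" trips the bare `select` keyword, and `page=downloads` trips `load`. Feeding your own access-log query strings into SAMPLES before switching the rules on is the cheapest way to find out what they would break.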


How to Enable Apache Mod_Rewrite on an Ubuntu

Step 1: Enable mod_rewrite

sudo a2enmod rewrite

You must restart Apache once you make any change to its configuration. To do this, type the command below on a terminal window:

sudo systemctl restart apache2

Your server is now ready to accept rewrite rules.

Step 2: Set up your server to accept .htaccess files

By default Apache ignores .htaccess files, so you need to edit each website's virtual host configuration and add the following block for its document root:

<Directory /var/www/html>
        # "Indexes" turns directory listings on; leave it out if you want the
        # "Options -Indexes" behaviour from the Prevent Directory Listing tip above
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Require all granted
</Directory>


Friday, November 13, 2020

Secure Zimbra Server with Let’s Encrypt SSL Certificate

Step 1: Install certbot-auto tool

wget https://dl.eff.org/certbot-auto
chmod +x certbot-auto

Move the script to a directory in your PATH.

sudo mv certbot-auto /usr/local/bin

Confirm that it works:

sudo certbot-auto --version

Step 2: Stop Zimbra Proxy Service

Certbot's standalone mode needs to bind port 80 itself, so we stop the Zimbra proxy (nginx) and mailboxd (jetty) services before requesting the Let's Encrypt SSL certificate.

$ sudo su - zimbra -c "zmproxyctl stop"
Stopping proxy...done.
$ sudo su - zimbra -c "zmmailboxdctl stop"
Stopping mailboxd...done.

Step 3: Obtain Let's Encrypt SSL Certificate

Once the Zimbra proxy and mailboxd services are stopped, request the certificate in non-interactive standalone mode. Make sure you pass every hostname your mail server uses (one -d option per name).

# export EMAIL="you@example.com"   # placeholder: use your own contact address
# certbot-auto certonly --standalone \
    -d mail.computingforgeeks.com \
    --preferred-challenges http \
    --agree-tos \
    -n \
    -m $EMAIL \
    --keep-until-expiring

Your certificate files are placed under /etc/letsencrypt/live/$domain; they are symlinks to the current versions in the archive directory:

$ ls -lh /etc/letsencrypt/live/mail.computingforgeeks.com
total 4.0K
lrwxrwxrwx. 1 root root  50 Jul  5 23:42 cert.pem -> ../../archive/mail.computingforgeeks.com/cert1.pem
lrwxrwxrwx. 1 root root  51 Jul  5 23:42 chain.pem -> ../../archive/mail.computingforgeeks.com/chain1.pem
lrwxrwxrwx. 1 root root  55 Jul  5 23:42 fullchain.pem -> ../../archive/mail.computingforgeeks.com/fullchain1.pem
lrwxrwxrwx. 1 root root  53 Jul  5 23:42 privkey.pem -> ../../archive/mail.computingforgeeks.com/privkey1.pem
-rw-r--r--. 1 root root 692 Jul  5 23:42 README


Monday, August 24, 2020

CloneFileInfo

CloneFileInfo [Delphi]

// Requires the Windows unit (GetFileVersionInfo*, VerQueryValue, *UpdateResource).
// Copies the VS_VERSION_INFO resource of sSource into sDestin, keeping the
// destination's own language ID. Returns False if any API call fails.
function CloneFileInfoA(sSource: String; sDestin: String): Bool;
var
  hRes:         THandle;
  dwFile:       DWORD;
  dwSize:       DWORD;
  wLangID:      WORD;
  dwSrcSize:    DWORD;
  dwDestSize:   DWORD;
  bSrcData:     TBytes;
  bDestData:    TBytes;
  ptrBuffer:    Pointer;
begin
  Result := False;

  // Read the complete version-info block of the source file
  dwSrcSize := GetFileVersionInfoSize(PChar(sSource), dwFile);
  if dwSrcSize = 0 then
    Exit;
  SetLength(bSrcData, dwSrcSize);
  if not GetFileVersionInfo(PChar(sSource), dwFile, dwSrcSize, @bSrcData[0]) then
    Exit;

  // Read the destination's version info (the original listing queried sSource here by mistake)
  dwDestSize := GetFileVersionInfoSize(PChar(sDestin), dwFile);
  if dwDestSize = 0 then
    Exit;
  SetLength(bDestData, dwDestSize);
  if not GetFileVersionInfo(PChar(sDestin), dwFile, dwDestSize, @bDestData[0]) then
    Exit;

  // The Translation entry is a DWORD: language ID in the low word, code page in the high word.
  // The sub-block path needs its backslashes, which the original listing had lost.
  if not VerQueryValue(@bDestData[0], PChar('\VarFileInfo\Translation'), ptrBuffer, dwSize) then
    Exit;
  wLangID := PWord(ptrBuffer)^;

  // Replace the destination's RT_VERSION resource (ID VS_VERSION_INFO) with the source data
  hRes := BeginUpdateResource(PChar(sDestin), False);
  if hRes = 0 then
    Exit;
  if not UpdateResource(hRes, RT_VERSION, MakeIntResource(VS_VERSION_INFO), wLangID, @bSrcData[0], dwSrcSize) then
  begin
    EndUpdateResource(hRes, True);  // discard the pending update
    Exit;
  end;
  Result := EndUpdateResource(hRes, False);
end;

Tuesday, July 21, 2020

Test User’s Internet Connection in VB

Declare API

Private Declare Function InternetGetConnectedState Lib "wininet" _
    (ByRef dwflags As Long, ByVal dwReserved As Long) As Long

' Flag values returned in dwflags (the INTERNET_CONNECTION_* constants of wininet.h)
Private Const CONNECT_MODEM As Long = &H1
Private Const CONNECT_LAN As Long = &H2
Private Const CONNECT_PROXY As Long = &H4
Private Const CONNECT_RAS As Long = &H10      ' used below but missing from the original listing
Private Const CONNECT_OFFLINE As Long = &H20
Private Const CONNECT_CONFIGURED As Long = &H40

Function:

Public Function IsWebConnected(Optional ByRef ConnType As String) As Boolean
    Dim dwflags As Long
    Dim WebTest As Boolean
    ConnType = ""
    WebTest = InternetGetConnectedState(dwflags, 0&)
    ' Select Case True evaluates each flag test in turn. The original listing
    ' used "Select Case WebTest", which compares the Boolean result against the
    ' flag values and therefore never sets ConnType.
    Select Case True
        Case (dwflags And CONNECT_LAN) <> 0: ConnType = "LAN"
        Case (dwflags And CONNECT_MODEM) <> 0: ConnType = "Modem"
        Case (dwflags And CONNECT_PROXY) <> 0: ConnType = "Proxy"
        Case (dwflags And CONNECT_OFFLINE) <> 0: ConnType = "Offline"
        Case (dwflags And CONNECT_CONFIGURED) <> 0: ConnType = "Configured"
        Case (dwflags And CONNECT_RAS) <> 0: ConnType = "Remote"
    End Select
    IsWebConnected = WebTest
End Function

Private Sub Command1_Click()
    Dim msg As String
    If IsWebConnected(msg) Then
        msg = "You are connected to the Internet via: " & msg
    Else
        msg = "You are not connected to the Internet."
    End If

    MsgBox msg, vbOKOnly, "Internet Connection Status"
End Sub

