# Hardened Apache Mod_Rewrite Security Rule # Ref: http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewritecond # NC = ‘nocase|NC’ (no case-sensitive) # OR = ‘ornext|OR’ (or next condition) # L = last rule RewriteEngine on

# Allow only GET and POST verbs # ‘Coz most vul scanners use HEAD for hunting buggy files existence RewriteCond %{REQUEST_METHOD} !^(GET|POST)$ [NC,OR] # Ban Non-GUI […]