DirectoryIndex index.php RewriteEngine On RewriteBase /home/disa/public_html/ ########## Begin - Rewrite rules to block out some common exploits## If you experience problems on your site block out the operations listed below## This attempts to block the most common type of exploit `attempts` to Joomla!### Deny access to extension xml files (uncomment out to activate)#<Files ~ "\.xml$">#Order allow,deny#Deny from all#Satisfy all#</Files>## End of deny access to extension xml files# Block out any script trying to set a mosConfig value through the URLRewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URLRewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] # Block out any script that includes a <script> tag in URLRewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URLRewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URLRewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error!RewriteRule ^(.*)$ index.php [F,L] ########### End - Rewrite rules to block out some common exploits RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]