PDA

View Full Version : Setting up 7G firewall - .htaccess website firewall to protect dynamic - PHP websites



Fli
12-17-2023, 08:13 AM
7G firewall can prevent exploiting many vulnerabilities inside a PHP code

https://perishablepress.com/7g-firewall

How I have installed it?

1. download latest archive and unpack it: https://perishablepress.com/7g-firewall/#download
2. In case you have complex site and you may want to download also logging script and file to catch false positive blocking:
2.1 Logging script is at https://perishablepress.com/7g-firewall-log-blocked-requests/#download and unpack it
2.2 upload the 7G_log.php and 7G_log.txt to your website root/main directory.
2.3 edit preferences of the uploaded 7G_log.txt to set it to 600 (only owner can read and write into the file).
2.4 inside downloaded file 7G-Firewall.txt search for: RewriteRule .* - [F,L]
2.5 and replace it by: # RewriteRule .* - [F,L]
2.6 then search for: # RewriteRule .* /7G_log.php?log
2.7 and replace it by: RewriteRule .* /7G_log.php?log
2.8 save adjusted file as 7G-Firewall-logging-enabled.txt
3. make a backup copy of your site main .htaccess file located in your website root/main directory.
4. open your site .htaccess file for editing and in the first line, paste the contents of the downloaded 7G-Firewall.txt or 7G-Firewall-logging-enabled.txt (depending on whether you want to have logging on or off).
5. browse all important pages of your site to check that all important functions are working without being blocked. If you are blocked (false positive), you may temporarily remove half of 7G sections from htaccess, then other half, half of half to determine which rule is causing the blocking so you can remove the rule or comment it out by prefixing with "#".
6. schedule regular check of the file 7G_log.txt using FTP client or web file manager of your hosting.