Перенес сайт с локалки на хост, пример .htaccess взял из данного раздела. В результате выдается ошибка 403
##
# @version $Id: htaccess.txt 21064 2011-04-03 22:12:19Z dextercowley $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your SEF url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension XML files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension XML files
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode data within the URL
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits
########## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
########## End - Custom redirects
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
# RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} (/[^.]*|\.(php|html?|feed|pdf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
########## End - Joomla! core SEF Section
##### Start ?tp=1 prevention######
RewriteCond %{QUERY_STRING} tp=(.*)
RewriteRule ^(.*)$ index.php [F,L]
##### End ?tp=1 prevention ######
######Открываем доступ только опредиленным IP:
Order Deny,Allow
Deny from all
###########################
#Запрещаем просмотр содержимого папки
Options All -Indexes
#Запрет на доступ к файлам с несколькими расширениями:
#<Files ~ "\.(conf|cfg)$">
#Deny from all
#</Files>
####### Блокируем выполнение некоторых потенциально опасных функций из сценариев php #######
php_flag disable_functions show_source
php_flag disable_functions system
php_flag disable_functions shell_exec
php_flag disable_functions passthru
php_flag disable_functions exec
php_flag disable_functions phpinfo
php_flag disable_functions popen
php_flag disable_functions proc_open
### добавляем еще ###
php_flag disable_functions eval
php_flag disable_functions escapeshellarg
php_flag disable_functions escapeshellcmd
php_flag disable_functions proc_get_status
php_flag disable_functions proc_close
php_flag disable_functions chmod
php_flag disable_functions symlink
php_flag disable_functions fsocket
php_flag disable_functions pfsockopen
php_flag disable_functions fsockopen
php_flag disable_functions mail
php_flag disable_functions suhosin.executor.disable_emodifier
####### / Блокировки сценариев php #######
####### блокируем известные типы атак и программ, используемые для атак на сайты.#####
BrowserMatchNoCase ^libwww-perl blocktheaccess
BrowserMatchNoCase .*libwww-FM.* blocktheaccess
BrowserMatchNoCase ^wget blocktheaccess
BrowserMatchNoCase ^TeamSoft blocktheaccess
BrowserMatchNoCase "^Express WebPictures" blocktheaccess
BrowserMatchNoCase ^WebAuto blocktheaccess
BrowserMatchNoCase ^eCatch blocktheaccess
BrowserMatchNoCase ^InterGet blocktheaccess
BrowserMatchNoCase ^DOWNLOAD blocktheaccess
BrowserMatchNoCase ^Java1 blocktheaccess
BrowserMatchNoCase "^Internet Ninja" blocktheaccess
BrowserMatchNoCase "^Teleport Pro" blocktheaccess
BrowserMatchNoCase ^AllThumbs blocktheaccess
BrowserMatchNoCase ^Pockey-GetHTML blocktheaccess
BrowserMatchNoCase .*DnloadMage.* blocktheaccess
BrowserMatchNoCase .*HTTrack.* blocktheaccess
BrowserMatchNoCase .*WebLeacher.* blocktheaccess
BrowserMatchNoCase "^Microsoft URL Control" blocktheaccess
BrowserMatchNoCase ^Webdup blocktheaccess
BrowserMatchNoCase ^WebReaper blocktheaccess
BrowserMatchNoCase ^WebSauger blocktheaccess
BrowserMatchNoCase "^Mister PiX" blocktheaccess
BrowserMatchNoCase "^Offline Explorer" blocktheaccess
BrowserMatchNoCase "^Download Ninja" blocktheaccess
BrowserMatchNoCase ^Linkbot blocktheaccess
BrowserMatchNoCase ".*Link Sleuth.*" blocktheaccess
BrowserMatchNoCase ^SiteSnagger blocktheaccess
SetEnvIf Request_URI ".*/phpwcms" blocktheaccess
SetEnvIf Request_URI ".*/nonexistentfile.php$" blocktheaccess
SetEnvIf Request_URI ".*/xmlrpc.php$" blocktheaccess
SetEnvIf Request_URI ".*/adxmlrpc.php$" blocktheaccess
SetEnvIf Request_URI ".*/cmd.php$" blocktheaccess
SetEnvIf Request_URI ".*shell.php$" blocktheaccess
SetEnvIf Request_URI ".*r57\.php" blocktheaccess
SetEnvIf Request_URI ".*c99\.php" blocktheaccess
SetEnvIf Request_URI ".*mod_pxt_latest\.php" blocktheaccess
SetEnvIf Request_URI ".*functions_mod_user\.php" blocktheaccess
SetEnvIf Request_URI ".*favorites\.php" blocktheaccess
SetEnvIf Request_URI ".*configuration\.php" blocktheaccess
SetEnvIf Request_URI ".*component\.php" blocktheaccess
SetEnvIf Request_URI ".*controller\.php" blocktheaccess
SetEnvIf Request_URI ".*router\.php" blocktheaccess
SetEnvIf Request_URI ".*mosConfig_absolute_path" blocktheaccess
SetEnvIf Request_URI ".*^(.*)CAST(.*)" blocktheaccess
SetEnvIf Request_URI ".*^(.*)DECLARE(.*)" blocktheaccess
SetEnvIf Request_URI ".*base64_encode.*\(.*\)" blocktheaccess
SetEnvIf Request_URI ".*(\<|%3C).*script.*(\>|%3E)" blocktheaccess
SetEnvIf Request_URI ".*GLOBALS(=|\[|\%[0-9A-Z]{0,2})" blocktheaccess
SetEnvIf Request_URI ".*_REQUEST(=|\[|\%[0-9A-Z]{0,2})" blocktheaccess
SetEnvIfNoCase User-Agent "^libwww-perl*" blocktheaccess
Order deny,allow
Deny from env=blocktheaccess
####### / блокировки атак и программ#####
########## Блокируем плохиt боты и роботы ##########
SetEnvIfNoCase user-Agent ^FrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Java.* [NC,OR]
SetEnvIfNoCase user-Agent ^Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [NC,OR]
SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR]
SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR]
SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR]
SetEnvIfNoCase user-Agent ^Zeus [NC]
######### блокируем змея
########## Конец - утилиты проникновения
Не могу понять где запрет.... =(
10.05.2019, 13:02:26