Javascript 在.htaccess中出现Clickjacking阻塞错误500
为了在我的站点上中断iFraming,我在.httaccess文件(在Apache上运行)中添加了以下两行代码 只有添加X帧才能正常工作 当我添加内容安全策略行以及X-frame时,我得到一个错误500 我正在使用localhost 任何建议Javascript 在.htaccess中出现Clickjacking阻塞错误500,javascript,html,apache,.htaccess,iframe,Javascript,Html,Apache,.htaccess,Iframe,为了在我的站点上中断iFraming,我在.httaccess文件(在Apache上运行)中添加了以下两行代码 只有添加X帧才能正常工作 当我添加内容安全策略行以及X-frame时,我得到一个错误500 我正在使用localhost 任何建议 <Files .htaccess> order allow,deny deny from all </Files> RewriteEngine On # Break any iFraming for clickjacking
<Files .htaccess>
order allow,deny
deny from all
</Files>
RewriteEngine On
# Break any iFraming for clickjacking
Header always unset X-Frame-Options
Content-Security-Policy: frame-ancestors 'self'
# Disable Directory Browsing
Options All -Indexes
IndexIgnore *
# Blocks a lot of site rippers
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} ^WinHTTrack [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^Suck [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]
命令允许,拒绝
全盘否定
重新启动发动机
#打破任何点击劫持的假象
标题始终未设置X帧选项
内容安全策略:框架祖先“自我”
#禁用目录浏览
选项所有-索引
IndexIgnore*
#阻止了大量的现场裂土器
重写COND%{HTTP_用户_代理}^黑寡妇[或]
重写cond%{HTTP\u USER\u AGENT}^Bot\mailto:craftbot@yahoo.com[或]
RewriteCond%{HTTP\u USER\u AGENT}^ChinaClaw[或]
RewriteCond%{HTTP\u USER\u AGENT}^Custo[或]
RewriteCond%{HTTP\u USER\u AGENT}^DISCo[或]
RewriteCond%{HTTP\u USER\u AGENT}^Download\Demon[或]
RewriteCond%{HTTP_USER_AGENT}^eCatch[或]
RewriteCond%{HTTP\u USER\u AGENT}^EirGrabber[或]
RewriteCond%{HTTP\u USER\u AGENT}^电子邮件虹吸[或]
RewriteCond%{HTTP\u USER\u AGENT}^EmailWolf[或]
RewriteCond%{HTTP\u USER\u AGENT}^Express\WebPictures[或]
RewriteCond%{HTTP\u USER\u AGENT}^ExtractorPro[OR]
RewriteCond%{HTTP\u USER\u AGENT}^EyeNetIE[或]
RewriteCond%{HTTP\u USER\u AGENT}^FlashGet[或]
RewriteCond%{HTTP\u USER\u AGENT}^GetRight[或]
重写cond%{HTTP\u USER\u AGENT}^GetWeb![或]
重写cond%{HTTP\u USER\u AGENT}^Go!齐拉[或]
RewriteCond%{HTTP\u USER\u AGENT}^继续,明白了[或]
RewriteCond%{HTTP\u USER\u AGENT}^GrabNet[或]
RewriteCond%{HTTP\u USER\u AGENT}^Grafula[或]
RewriteCond%{HTTP\u USER\u AGENT}^HMView[或]
RewriteCond%{HTTP\u USER\u AGENT}^WinHTTrack[或]
RewriteCond%{HTTP\u USER\u AGENT}HTTrack[NC,或]
RewriteCond%{HTTP\u USER\u AGENT}^Image\Stripper[或]
RewriteCond%{HTTP\u USER\u AGENT}^Image\Sucker[或]
RewriteCond%{HTTP\u USER\u AGENT}Indy\Library[NC,或]
RewriteCond%{HTTP\u USER\u AGENT}^InterGET[或]
重写COND%{HTTP_用户_代理}^Internet\Ninja[或]
RewriteCond%{HTTP\u USER\u AGENT}^JetCar[或]
RewriteCond%{HTTP\u USER\u AGENT}^JOC\Web\Spider[或]
RewriteCond%{HTTP\u USER\u AGENT}^larbin[或]
RewriteCond%{HTTP\u USER\u AGENT}^LeechFTP[或]
RewriteCond%{HTTP\u USER\u AGENT}^Mass\Downloader[或]
RewriteCond%{HTTP\u USER\u AGENT}^MIDown\tool[或]
RewriteCond%{HTTP\u USER\u AGENT}^Mister\PiX[或]
RewriteCond%{HTTP_USER_AGENT}^Navroad[OR]
RewriteCond%{HTTP\u USER\u AGENT}^NearSite[或]
RewriteCond%{HTTP\u USER\u AGENT}^NetAnts[或]
RewriteCond%{HTTP_USER_AGENT}^NetSpider[或]
RewriteCond%{HTTP\u USER\u AGENT}^Net\Vampire[或]
RewriteCond%{HTTP\u USER\u AGENT}^NetZIP[或]
重写Cond%{HTTP_用户_代理}^八达通[或]
RewriteCond%{HTTP\u USER\u AGENT}^Offline\Explorer[或]
RewriteCond%{HTTP\u USER\u AGENT}^Offline\Navigator[或]
RewriteCond%{HTTP\u USER\u AGENT}^PageGrabber[或]
重写cond%{HTTP\u USER\u AGENT}^Papa\Foto[或]
RewriteCond%{HTTP_USER_AGENT}^pavuk[或]
RewriteCond%{HTTP_USER_AGENT}^pcBrowser[或]
RewriteCond%{HTTP\u USER\u AGENT}^RealDownload[或]
RewriteCond%{HTTP\u USER\u AGENT}^ReGet[或]
RewriteCond%{HTTP_用户_代理}^SiteSnagger[或]
RewriteCond%{HTTP\u USER\u AGENT}^智能下载[或]
RewriteCond%{HTTP\u USER\u AGENT}^SuperBot[或]
RewriteCond%{HTTP\u USER\u AGENT}^superhattp[或]
RewriteCond%{HTTP\u USER\u AGENT}^Surfbot[或]
RewriteCond%{HTTP\u USER\u AGENT}^抽头[或]
RewriteCond%{HTTP\u USER\u AGENT}^Teleport\Pro[或]
RewriteCond%{HTTP_USER_AGENT}^VoidEYE[或]
RewriteCond%{HTTP\u USER\u AGENT}^Web\Image\Collector[或]
RewriteCond%{HTTP\u USER\u AGENT}^Web\Sucker[或]
RewriteCond%{HTTP\u USER\u AGENT}^Suck[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebAuto[或]
RewriteCond%{HTTP_USER_AGENT}^WebCopier[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebFetch[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebGo\IS[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebLeacher[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebReaper[或]
RewriteCond%{HTTP_USER_AGENT}^WebSauger[或]
RewriteCond%{HTTP\u USER\u AGENT}^网站\提取器[或]
重写COND%{HTTP_用户_代理}^网站\Quester[或]
RewriteCond%{HTTP_USER_AGENT}^WebStripper[或]
RewriteCond%{HTTP_USER_AGENT}^WebWhacker[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebZIP[或]
RewriteCond%{HTTP\u USER\u AGENT}^Wget[或]
RewriteCond%{HTTP\u USER\u AGENT}^寡妇[或]
RewriteCond%{HTTP\u USER\u AGENT}^WWWOFFLE[或]
RewriteCond%{HTTP_USER_AGENT}^Xaldon\WebSpider[或]
重写cond%{HTTP\u USER\u AGENT}^Zeus
重写规则^.*-[F,L]
我认为它的内容安全策略:“框定祖先的自我”
#破坏任何点击劫持的iFraming
。标题始终未设置X-frame-Options
。。。没有X-Frame-Options
“中断点击劫持”怎么办?解决了!需要在Apache:a2enmod headers sudo service apache2 restart上启用头文件,然后在Apache:sudo nano/etc/apache2/sites available/000-default.conf上编辑默认虚拟主机文件将此添加到文件:Header set Content Security Policy“frame concents'none';“再次重新启动Apache HTAccess-省去内容安全策略行,但是保留X-Frame one,它可以很好地工作:)我认为它的内容安全策略:“框架祖先的自我”
#打破点击劫持的任何iFraming
。标题总是取消X-Frame-Options
。。。没有X-Frame-Options
“中断点击劫持”怎么办?解决了!需要在Apache:a2enmod headers sudo service apache2 restart上启用头文件,然后在Apache:sudo nano/etc/apache2/sites available/000-default.conf上编辑默认虚拟主机文件将此添加到文件:Header set Content Security Policy“frame concents'none';“再次重新启动Apache HTAccess-省去内容安全策略行,但保留X-Frame 1,它会很好地工作:)
<Files .htaccess>
order allow,deny
deny from all
</Files>
RewriteEngine On
# Break any iFraming for clickjacking
Header always unset X-Frame-Options
Content-Security-Policy: frame-ancestors 'self'
# Disable Directory Browsing
Options All -Indexes
IndexIgnore *
# Blocks a lot of site rippers
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} ^WinHTTrack [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^Suck [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]