#Block Abusive user agent
Rewriteengine on
RewriteCond %{HTTP_USER_AGENT} "Mozilla/4\.0 \(compatible; MSIE 9\.0; Windows NT 6\.1\)" [OR]
RewriteCond %{HTTP_USER_AGENT} "Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1; SV1\)" [OR]
RewriteCond %{HTTP_USER_AGENT} "Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.0\)" [OR]
RewriteCond %{HTTP_USER_AGENT} "Mozilla/5\.0 \(compatible; MSIE 9\.0; Windows NT 6\.1; WOW64; Trident\/5\.0\)" [OR]
RewriteCond %{HTTP_USER_AGENT} "Mozilla/5\.0 \(compatible; MSIE 10\.0; Windows NT 6\.2\)"
Rewriterule ^.*$ - [F,L]


#Block empty user agents and http referers
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^-?$
RewriteCond %{HTTP_REFERER} ^-?$
RewriteRule . - [F,L]


#Block Bad Bots
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} SemrushBot  [OR]
RewriteCond %{HTTP_USER_AGENT} Baiduspider [OR]
RewriteCond %{HTTP_USER_AGENT} Yandex [OR]
RewriteCond %{HTTP_USER_AGENT} MJ12bot  [OR]
RewriteCond %{HTTP_USER_AGENT} Feedfetcher-Google [OR]
RewriteCond %{HTTP_USER_AGENT} "Blogtrottr/2.0"
RewriteRule . - [F,L]

# Aggressive Search Engine
SetEnvIfNoCase User-Agent "SemrushBot" bad_bot

# Aggressive Chinese Search Engine
SetEnvIfNoCase User-Agent "Baiduspider" bad_bot

# Aggressive Russian Search Engine
SetEnvIfNoCase User-Agent "Yandex" bad_bot

# Aggressive MJ12bot Search Engine
SetEnvIfNoCase User-Agent "MJ12bot" bad_bot

# Aggressive FeedFetcher  Search Engine
SetEnvIfNoCase User-Agent "Feedfetcher-Google" bad_bot

<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>
#End of Abusive user agent


############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi

#    Action php5-cgi /cgi-bin/php5-cgi
#    AddHandler php5-cgi .php

############################################
## GoDaddy specific options

#   Options -MultiViews

## you might also need to add this line to php.ini
##     cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini

############################################
## this line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

############################################
## default index file

    DirectoryIndex index.php

<IfModule mod_php5.c>

############################################
## adjust memory limit

#    php_value memory_limit 64M
    php_value memory_limit 256M
    php_value max_execution_time 18000

############################################
## disable magic quotes for php request vars

    php_flag magic_quotes_gpc off

############################################
## disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
## enable resulting html compression

    #php_flag zlib.output_compression on

###########################################
# disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off

###########################################
# turn off compatibility with PHP4 when dealing with objects

    php_flag zend.ze1_compatibility_mode Off

</IfModule>

<IfModule mod_security.c>
###########################################
# disable POST processing to not break multiple image upload

    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<IfModule mod_deflate.c>

############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter on all content
    ###SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript

    # Netscape 4.x has some problems...
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

    # Don't compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don't deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

</IfModule>

<IfModule mod_ssl.c>

############################################
## make HTTPS env vars available for CGI mode

    SSLOptions StdEnvVars

</IfModule>

<IfModule mod_rewrite.c>

############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## uncomment next line to enable light API calls processing

#    RewriteRule ^api/([a-z][0-9a-z_]+)/?$ api.php?type=$1 [QSA,L]

############################################
## rewrite API2 calls to api.php (by now it is REST only)

    RewriteRule ^api/rest api.php?type=rest [QSA,L]

############################################
## workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## redirect for mobile user agents

    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]

############################################
## always send 404 on missing files in these folders

    RewriteCond %{REQUEST_URI} !^/(media|skin|js)/

############################################
## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    RewriteRule .* index.php [L]

</IfModule>


############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead

    AddDefaultCharset Off
    #AddDefaultCharset UTF-8

<IfModule mod_expires.c>

############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires

    ExpiresDefault "access plus 1 year"

</IfModule>

############################################
## By default allow all access

    Order allow,deny
    Allow from all

###########################################
## Deny access to release notes to prevent disclosure of the installed Magento version

    <Files RELEASE_NOTES.txt>
        order allow,deny
        deny from all
    </Files>

############################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

###########################################
## Deny access to cron.php
    <Files cron.php>

############################################
## uncomment next lines to enable cron access with base HTTP authorization
## http://httpd.apache.org/docs/2.2/howto/auth.html
##
## Warning: .htpasswd file should be placed somewhere not accessible from the web.
## This is so that folks cannot download the password file.
## For example, if your documents are served out of /usr/local/apache/htdocs
## you might want to put the password file(s) in /usr/local/apache/.

        #AuthName "Cron auth"
        #AuthUserFile ../.htpasswd
        #AuthType basic
        #Require valid-user

############################################

        Order allow,deny
        Deny from all

    </Files>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 213.229.80.194
deny from 81.19.135.24
deny from 195.201.150.170
deny from 185.174.159.245
deny from 51.79.80.39
deny from 114.119.147.203
deny from 185.220.101.29
deny from 114.119.154.81
deny from 74.234.242.226
deny from 40.83.61.52
deny from 20.241.233.77
deny from 114.119.146.4
deny from 52.114.32.28
deny from 40.113.122.86
deny from 192.42.116.194
deny from 23.137.251.61
deny from 94.23.222.159
deny from 185.220.100.247
deny from 157.90.181.221
deny from 192.42.116.195
deny from 65.109.231.143
deny from 107.189.5.217
deny from 141.95.71.219
deny from 192.42.116.210
deny from 42.236.10.125
deny from 185.220.100.255
deny from 20.211.123.100
deny from 168.63.73.174
deny from 207.46.13.210
deny from 87.250.224.232
deny from 79.137.207.203
deny from 20.109.123.205
deny from 185.220.100.251
deny from 54.36.108.162
deny from 213.180.203.187
deny from 52.207.242.154
deny from 134.122.191.181
deny from 15.235.15.135
deny from 37.228.129.24
deny from 192.42.116.192
deny from 20.168.78.150

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php56” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php56 .php .php5 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
deny from 23.99.213.161
deny from 20.226.115.47
deny from 161.117.9.99
deny from 54.39.18.150
deny from 18.220.128.229
deny from 172.174.131.246
deny from 192.178.10.127
deny from 34.195.164.78
deny from 192.42.116.193
deny from 114.119.142.186
deny from 185.195.71.3
deny from 27.115.124.109
deny from 3.95.63.197
deny from 18.217.25.136
deny from 45.139.122.241
deny from 20.125.134.140
deny from 23.152.225.2
deny from 89.58.54.46
deny from 185.220.101.172
deny from 114.119.137.91
deny from 104.45.211.239
deny from 54.148.39.147
deny from 54.202.125.228
deny from 20.150.142.250
deny from 18.185.137.135
deny from 40.83.61.236
deny from 23.99.199.204
deny from 213.180.203.205
deny from 34.227.199.200
deny from 138.246.253.24
deny from 2a01:04f9:006b:2588:0000:0000:0000:0002
deny from 109.70.100.21
