homepage Welcome to WebmasterWorld Guest from 54.166.148.189
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Removing query string
website has been spammed...
leeds1




msg:3828875
 1:42 pm on Jan 18, 2009 (gmt 0)

Hi

My website has been spammed using my search function with urls like:

site.com/search/index.php?somepammydirect?andlots-of-variables

in modrewrite is there a way to redirect all the {query_strings} after the .php and simply redirect them to /search/index.html

?

thanks

 

jdMorgan




msg:3828949
 5:00 pm on Jan 18, 2009 (gmt 0)

Does /search/index.php accept any *valid* query strings?

If not, then

RewriteCond %{QUERY_STRING} .
RewriteRule ^search/index.php$ http://www.example.com/search/index.ph[b]p?[/b] [R=301,L]

can be used in your Web root .htaccess file to redirect to remove *all* query strings from those requests.

I assume you already have other working rewriterules, so I'm not showing the mod_rewrite "setup" directives here.

Make sure the hostname in the substitution URL is your canonical domain, and place this rule ahead of any general domain canonicalization redirect rule. (Order your rules by external redirects first, from most-specific URL-pattern to least-specific, followed by internal rewrites, again from most-specific to least specific. This avoids chained or stacked redirects, and avoids having an external redirect expose your internal script filepaths to clients.)

Jim

leeds1




msg:3828973
 6:13 pm on Jan 18, 2009 (gmt 0)

Hi - thanks for that - it all worked

I also added the line below to redirect /search/index.php to /search/index.html directly after the code above (as it was stripping the query but putting to index.php)

Redirect 301 /search/index.php http://www.example.com/search/index.html

jdMorgan




msg:3828979
 6:26 pm on Jan 18, 2009 (gmt 0)

Do not mix mod_alias and mod_rewrite directives. If you ever change servers, there's no guarantee that the two modules will execute in the same order.

Code in .htaccess is 'scanned' by the Apache modules in LoadModule order, and each module processes only the directives it understands. As such, the order of directives in your .htaccess file does not control execution order, except among directives handled by the same module.

If index.html is the proper URL, then put that in the substitution URL of the code I posted. Do not force the user and server to go through two client redirects to get to the proper content.

Also, consider redirecting /<any_dir>/index.<anything> to "/<any_dir>/" -- There is no benefit to "exposing" your index page URL-path or "technology" to the client. It looks cluttered in search results, and for direct type-ins it's just extra unneeded characters. Let's put it this way: Do you go to www.google.com, or to www.google.com/index.py?

Jim

g1smd




msg:3828980
 6:28 pm on Jan 18, 2009 (gmt 0)

Don't mix rules with
Redirect and rules with RewriteRule in the same .htaccess file.

Order of processing is not guaranteed because stuff is processed in the order of which Apache module needs to handle it, and you have commands from two different modules (Mod_Alias and Mod_Rewrite) listed.

If you use RewriteRule for one of them, then use RewriteRule for all of them.

Here you can install a site-wide redirect that strips index.html from all requests and forces www at the same time.

Finally, link to the shorter URL from within your site.

Typically, this index redirect is listed just before your site-wide non-www to www 301 redirect.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved