Dijkgraaf
msg:4177022 | 1:50 am on Jul 27, 2010 (gmt 0) |
One solution would be something in your PHP to check that there is a query string ($_SERVER['QUERY_STRING']) and if there when you don't expect one give a response of 403 (Forbidden).
A 403 response is better than a 404 as it tell the requester not to try it again.
|
flicky
msg:4177035 | 2:19 am on Jul 27, 2010 (gmt 0) |
But this isn't related to any php script... my server just won't ignore parameters added to the end of any URL... those parameters should be seen as foreign and return 404.
http://www.mysite.com/whatever/testing.html?junk=somegarbage
That doesn't exist... so should return 404 but just returns a 200 for http://www.mysite.com/whatever/testing.html
|
g1smd
msg:4177129 | 7:00 am on Jul 27, 2010 (gmt 0) |
# Block ALL URLs with appended query string
RewriteCond %{QUERY_STRING} .
RewriteRule .* - [G]
|
|
