homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

Response to random requests

WebmasterWorld Senior Member 10+ Year Member

Msg#: 4241531 posted 12:54 pm on Dec 12, 2010 (gmt 0)

I'm working on a site that has been hacked, and am trying to remove the thousands of invalid search results.

Looking at the server logs I'm finding examples like this:
"GET /Z7WybgVLc/ HTTP/1.1" 200

Of course, these entries don't exist, at least not for now...

In the htaccess file I've created these rules:

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[a-z0-9]{9}\/$ index.php [G,L,NC]
RewriteRule ^[a-z0-9]{8}\/$ index.php [G,L,NC]
RewriteRule ^[a-z0-9]{7}\/$ index.php [G,L,NC]

The idea is to return GONE for any random requests of 7,8, or 9 characters/numbers that ends with "/".

I've tested this, and it seems to work. However, since mod-rewrite is nothing but voodoo, I thought I'd ask to see if I'm missing anything that should be obvious.



WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

Msg#: 4241531 posted 6:55 pm on Dec 12, 2010 (gmt 0)

Beware that as shown, the RewriteCond only affected the first rule, and not the final two.

The ruleset simplifies to:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[a-z0-9]{7,9}/$ - [G,NC]

You probably don't even need the RewriteCond, as you probably don't have files without extensions on the server.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved