
Apache Web Server Forum

    
Unknown rewrite rule
leemon

10+ Year Member



 
Msg#: 4499440 posted 7:20 pm on Sep 24, 2012 (gmt 0)

Hi!

Today I found a rewrite rule in the .htaccess file on one of my sites that I can't remember putting in there.


RewriteEngine on
RewriteCond %{QUERY_STRING} ^(%20|\+|\ )*(%2d|-)[^=]+$ [NC]
RewriteRule ^(.*) $1? [L]


My knowledge in Apache is not so great so any help in identifying what this rule does would be appreciated.

Thanks in advance

 

g1smd

WebmasterWorld Senior Member, WebmasterWorld Top Contributor of All Time, 10+ Year Member



 
Msg#: 4499440 posted 7:48 pm on Sep 24, 2012 (gmt 0)

It apparently strips the query string if it begins with a space and then a hyphen and does not contain an equals sign.

It's coded as an internal rewrite, stripping those parameters before passing the query around inside the server.

The lack of a slash before the $1 leaves your server wide open to hacking by path injection.

Here's an object lesson in commenting your code so you know what it is supposed to do, months and years later. :)
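The condition described in the reply above, emulated in Python and run over access-log lines to show which requests the quoted rule would strip. This is an added example, not code from the thread; `apply_rule`, `stripped_requests` and the sample log lines are constructed for illustration.

```python
import re

# RewriteCond pattern from the quoted .htaccess; Apache's [NC] flag maps to
# re.IGNORECASE. %{QUERY_STRING} is the raw, still percent-encoded query
# string, which is why the pattern lists %20 and %2d beside the literal
# space and hyphen.
COND = re.compile(r"^(%20|\+|\ )*(%2d|-)[^=]+$", re.IGNORECASE)

# Request line inside a common/combined-format access-log entry.
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')


def apply_rule(request_target):
    """Return (path, query, stripped) as the quoted rule would leave them."""
    path, _, query = request_target.partition("?")
    if COND.search(query):
        # "RewriteRule ^(.*) $1? [L]": the trailing "?" drops the query string.
        return path, "", True
    return path, query, False


def stripped_requests(log_lines):
    """Return the request targets in log_lines that the rule would strip."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if m and apply_rule(m.group(1))[2]:
            hits.append(m.group(1))
    return hits


# Constructed sample lines (documentation IP range, made-up parameters).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Sep/2012:19:01:07 +0000] "GET /index.php?-foo HTTP/1.1" 200 512',
    '192.0.2.10 - - [24/Sep/2012:19:01:09 +0000] "GET /index.php?%20%2Dfoo+bar HTTP/1.1" 200 512',
    '192.0.2.11 - - [24/Sep/2012:19:02:15 +0000] "GET /index.php?page=2 HTTP/1.1" 200 2048',
    '192.0.2.12 - - [24/Sep/2012:19:03:40 +0000] "GET /search.php?-q=term HTTP/1.1" 200 1024',
    '192.0.2.13 - - [24/Sep/2012:19:04:02 +0000] "GET /index.php?+-x HTTP/1.1" 200 512',
    '192.0.2.14 - - [24/Sep/2012:19:05:11 +0000] "GET /index.php HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for target in stripped_requests(SAMPLE_LOG):
        print("query string would be stripped:", target)
```

Ordinary `key=value` queries pass through untouched, including ones whose key starts with a hyphen, because the `[^=]+$` part fails as soon as an equals sign appears.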

leemon

10+ Year Member



 
Msg#: 4499440 posted 7:56 pm on Sep 24, 2012 (gmt 0)

Thanks! My site got hacked a few months ago. Then, this is probably a remnant of that hack.

g1smd

WebmasterWorld Senior Member, WebmasterWorld Top Contributor of All Time, 10+ Year Member



 
Msg#: 4499440 posted 8:07 pm on Sep 24, 2012 (gmt 0)

I'd say it was an attempt to protect against some sort of hack (except for someone accidentally leaving out the slash).
