homepage Welcome to WebmasterWorld Guest from 54.227.171.163
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Redirect or block empty "GET / HTTP/1.1" requests
.htaccess
Alikris



 
Msg#: 4665004 posted 1:57 pm on Apr 22, 2014 (gmt 0)

I've successfully stopped "GET / HTTP/1.0" requests:

RewriteCond %{THE_REQUEST} HTTP/1\.0
RewriteRule ^(.*)$ - [F]


(No genuine user was using HTTP/1.0)

And now I'm trying to stop my logs getting full up with empty "GET / HTTP/1.1" requests

AS I understand it, such requests are requesting the base url file (eg index.html)So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

But it's not working. My logs are still getting lots of "GET / HTTP/1.1" requests.

Any ideas? Most if not all of these requests are not from genuine users.

Thanks, Ali.

 

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4665004 posted 2:40 pm on Apr 22, 2014 (gmt 0)

RewriteRule ^(.*)$ - [F]

No need to capture if you won't be reusing. A simple
.?
(unanchored) for the pattern is all you need.

So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

That's not a redirect. It's a rewrite. And it's only doing what mod_dir would already be doing on its own: serving up the named page "index.php" when there is a request for the root.

All the RewriteRules in the world won't stop requests; they only affect what happens to requests after they've been received. At the next stage, all the lockouts in the world won't reduce log size. (Firewall, maybe. If it reaches the server, it's logged. You can change the logging level of error logs, but don't try to mess with overall access logs. That's information you need.)

Besides, you can't simply block requests for the root. Humans ask for it too-- and you can't identify humans ahead of time, because requests for supporting files come in after requests for the page they belong to. And what about search engines?

Or did you mean something else when you said "empty"? Requests without a User-Agent, maybe?

not2easy

WebmasterWorld Administrator 5+ Year Member Top Contributors Of The Month



 
Msg#: 4665004 posted 2:47 pm on Apr 22, 2014 (gmt 0)

Lucy24 is right - don't do it. If you access your own site from a bookmark in your browser, look at the logs and you'll see that you would be blocking yourself if you block those empty "GET / HTTP/1.1" requests.

Edited to say what I meant- 1.1, not 1.0 block all the 1.0 requests you want, so long as it is not a WP site (that uses HTTP/1.0 to run the cron updates).

[edited by: not2easy at 3:07 pm (utc) on Apr 22, 2014]

Alikris



 
Msg#: 4665004 posted 3:02 pm on Apr 22, 2014 (gmt 0)

All the RewriteRules in the world won't stop requests


Hmm, yes, makes sense :(

I'm just fed up with these requests.

Thanks for your replies :)

Ali.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved