homepage Welcome to WebmasterWorld Guest from 54.166.123.2
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Redirect or block empty "GET / HTTP/1.1" requests
.htaccess
Alikris




msg:4665006
 1:57 pm on Apr 22, 2014 (gmt 0)

I've successfully stopped "GET / HTTP/1.0" requests:

RewriteCond %{THE_REQUEST} HTTP/1\.0
RewriteRule ^(.*)$ - [F]


(No genuine user was using HTTP/1.0)

And now I'm trying to stop my logs getting full up with empty "GET / HTTP/1.1" requests

AS I understand it, such requests are requesting the base url file (eg index.html)So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

But it's not working. My logs are still getting lots of "GET / HTTP/1.1" requests.

Any ideas? Most if not all of these requests are not from genuine users.

Thanks, Ali.

 

lucy24




msg:4665019
 2:40 pm on Apr 22, 2014 (gmt 0)

RewriteRule ^(.*)$ - [F]

No need to capture if you won't be reusing. A simple
.?
(unanchored) for the pattern is all you need.

So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

That's not a redirect. It's a rewrite. And it's only doing what mod_dir would already be doing on its own: serving up the named page "index.php" when there is a request for the root.

All the RewriteRules in the world won't stop requests; they only affect what happens to requests after they've been received. At the next stage, all the lockouts in the world won't reduce log size. (Firewall, maybe. If it reaches the server, it's logged. You can change the logging level of error logs, but don't try to mess with overall access logs. That's information you need.)

Besides, you can't simply block requests for the root. Humans ask for it too-- and you can't identify humans ahead of time, because requests for supporting files come in after requests for the page they belong to. And what about search engines?

Or did you mean something else when you said "empty"? Requests without a User-Agent, maybe?

not2easy




msg:4665020
 2:47 pm on Apr 22, 2014 (gmt 0)

Lucy24 is right - don't do it. If you access your own site from a bookmark in your browser, look at the logs and you'll see that you would be blocking yourself if you block those empty "GET / HTTP/1.1" requests.

Edited to say what I meant- 1.1, not 1.0 block all the 1.0 requests you want, so long as it is not a WP site (that uses HTTP/1.0 to run the cron updates).

[edited by: not2easy at 3:07 pm (utc) on Apr 22, 2014]

Alikris




msg:4665023
 3:02 pm on Apr 22, 2014 (gmt 0)

All the RewriteRules in the world won't stop requests


Hmm, yes, makes sense :(

I'm just fed up with these requests.

Thanks for your replies :)

Ali.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved