.htaccess to redirect mt-comments.cgi requests somewhere else - Apache Web Server forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

.htaccess to redirect mt-comments.cgi requests somewhere else

Comment spammers never give up, never surrender.

RadicalBender

2:35 pm on Mar 22, 2007 (gmt 0)

10+ Year Member

I'm setting up my personal blog again after it had been down for over six months. I get everything set up the way I want and then discover to my surprise that comment spammers are STILL requesting my old mt-comments.cgi file (the file that generated comments back when I was using MovableType).

Well, comment spammers are nothing if not persistent, I guess. I haven't used MT in the last year and a half and haven't even had a site for the last six months and they are STILL TRYING!

So, here's what I need some help on. I want to create an .htaccess file that redirects CGI requests...somewhere else...like maybe to a Windows XP service pack download or something. I want them off of my site and (ideally) to go somewhere else that punishes them all for still trying to access this file that hasn't existed since 2005 (like downloading a 250 MB file).

How do I do this? I've tried modifying a few things I've found on the internet (like image hotlink blockers), but they aren't working for me when I change them to CGI files.

Anyone have any suggestions?

jdMorgan

2:52 pm on Mar 22, 2007 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

> to go somewhere else that punishes them all for still trying to access this file that hasn't existed since 2005

And you also want to "punish" the site to which you redirect these harvesters and punish all Web users by tying up Web bandwidth while doing it? -- That's not an acceptable use of the Web, IMO.

The simplest approach is to simply 403 these guys and be done with it:


RewriteRule ^mt-comments\.cgi$ - [F]

If you have a large custom 403 page, then a viable approach is to rewrite these requests to a "special" new subdirectory. In that subdirectory, place an empty (or very small) file, and name it, say, "403null.html". Then in .htaccess in that special subdirectory, place the following:


ErrorDocument 403 /special/403null.html
#
RewriteRule !^403null\.html$ - [F]

Then, in your main .htaccess:


RewriteRule ^mt-comments\.cgi$ /special/index.html [L]

Note that "index.html" does not need to exist. The effect of this is that requests for mt-comments.cgi are rewritten to /special/index.html. However, the .htaccess file in /special forbids all requests to that subdirectory and declares a zero-byte custom error document for 403s. So, requests for mt-comments.cgi result in a 403-Forbidden server response with a zero-byte content-body, saving you bandwidth.

Note also that none of this will work if your cgi-bin is an "aliased" directory and if you are unable to put an .htaccess file into the actual cgi script directory -- The Alias directive will usually be processed before mod_rewrite has a chance to kick in, and in that case, mod_rewrite in your root directory won't work for cgi requests -- the code will have to be moved to the aliased cgi directory to work.

Jim