Welcome to WebmasterWorld Guest from 54.161.110.186

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

410

Response to random requests

     
12:54 pm on Dec 12, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I'm working on a site that has been hacked, and am trying to remove the thousands of invalid search results.

Looking at the server logs I'm finding examples like this:
"GET /Z7WybgVLc/ HTTP/1.1" 200

Of course, these entries don't exist, at least not for now...

In the htaccess file I've created these rules:

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^[a-z0-9]{9}\/$ index.php [G,L,NC]
RewriteRule ^[a-z0-9]{8}\/$ index.php [G,L,NC]
RewriteRule ^[a-z0-9]{7}\/$ index.php [G,L,NC]

The idea is to return GONE for any random requests of 7,8, or 9 characters/numbers that ends with "/".

I've tested this, and it seems to work. However, since mod-rewrite is nothing but voodoo, I thought I'd ask to see if I'm missing anything that should be obvious.
6:55 pm on Dec 12, 2010 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Beware that as shown, the RewriteCond only affected the first rule, and not the final two.

The ruleset simplifies to:

RewriteCond %{REQUEST_FILENAME} !-f 
RewriteRule ^[a-z0-9]{7,9}/$ - [G,NC]


You probably don't even need the RewriteCond, as you probably don't have files without extensions on the server.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month