Welcome to WebmasterWorld Guest from 54.167.58.159

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Redirect or block empty "GET / HTTP/1.1" requests

.htaccess

     

Alikris

1:57 pm on Apr 22, 2014 (gmt 0)



I've successfully stopped "GET / HTTP/1.0" requests:

RewriteCond %{THE_REQUEST} HTTP/1\.0
RewriteRule ^(.*)$ - [F]


(No genuine user was using HTTP/1.0)

And now I'm trying to stop my logs getting full up with empty "GET / HTTP/1.1" requests

AS I understand it, such requests are requesting the base url file (eg index.html)So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

But it's not working. My logs are still getting lots of "GET / HTTP/1.1" requests.

Any ideas? Most if not all of these requests are not from genuine users.

Thanks, Ali.

lucy24

2:40 pm on Apr 22, 2014 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



RewriteRule ^(.*)$ - [F]

No need to capture if you won't be reusing. A simple
.?
(unanchored) for the pattern is all you need.

So I've tried redirecting such requests:

RewriteRule ^/?$ /index\.php [L]

That's not a redirect. It's a rewrite. And it's only doing what mod_dir would already be doing on its own: serving up the named page "index.php" when there is a request for the root.

All the RewriteRules in the world won't stop requests; they only affect what happens to requests after they've been received. At the next stage, all the lockouts in the world won't reduce log size. (Firewall, maybe. If it reaches the server, it's logged. You can change the logging level of error logs, but don't try to mess with overall access logs. That's information you need.)

Besides, you can't simply block requests for the root. Humans ask for it too-- and you can't identify humans ahead of time, because requests for supporting files come in after requests for the page they belong to. And what about search engines?

Or did you mean something else when you said "empty"? Requests without a User-Agent, maybe?

not2easy

2:47 pm on Apr 22, 2014 (gmt 0)

WebmasterWorld Administrator 5+ Year Member Top Contributors Of The Month



Lucy24 is right - don't do it. If you access your own site from a bookmark in your browser, look at the logs and you'll see that you would be blocking yourself if you block those empty "GET / HTTP/1.1" requests.

Edited to say what I meant- 1.1, not 1.0 block all the 1.0 requests you want, so long as it is not a WP site (that uses HTTP/1.0 to run the cron updates).

[edited by: not2easy at 3:07 pm (utc) on Apr 22, 2014]

Alikris

3:02 pm on Apr 22, 2014 (gmt 0)



All the RewriteRules in the world won't stop requests


Hmm, yes, makes sense :(

I'm just fed up with these requests.

Thanks for your replies :)

Ali.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month