Forum Moderators: phranque
(The error being the "_files" part)
So far I've only seen MAC Safari users cause these errors, possibly when pulling the site down to desktop. Anyway, I'd like to redirect all paths containing "_files" to my index page. I'm guessing at this:
RedirectMatch 301 _files\. h*tp://www.my-domain.com
I'm going to take a guess here, and say that I think these are all image references from "Saved offline" copies of your pages. In that case, you might want to consider replacing them with either "thief.gif" or with an image overlaid with text inviting them to visit your site directly. I'd lean toward the latter method, lacking any further evidence to support allegations of maliciousness.
Something like:
RedirectMatch 301 ^.+_files\..+\.gif$ http://www.example.com/please_visit.gif
I agree these are references from "Saved offline" copies of my pages, but they are not all image requests. The "_files" seems to be automatically inserted into almost every kind of file request: .gif, .html, .js etc
So, following your lead, maybe I could use?
RedirectMatch 301 ^.+_files\. h*tp://www.example.com/forbidden.html
<added>
Actually, I'm not quite sure about the file types other than image files now that I recall, so until I see evidence otherwise, I think I will just go with what you suggest and use this:
RedirectMatch 301 ^.+_files\..+\.(gif¦jpg)$ h*tp://www.example.com/images/thief.png
1) Don't try to actually redirect (301 or 302) image files to html files or vice-versa. Browsers can't handle it. The same goes for scripts, etc. Generally, you can redirect from a .jpg to a .gif or vice-versa - most browsers can handle minor mix-ups of the filetype. But trying to redirect an image request to an html custom error page won't work - your "Forbidden" message will never be seen.
2) If you want to use a custom-403 response, then use mod_rewrite to return forbidden status to all "_files" requests:
RewriteRule ^.+_files\. - [F]
Jim
RedirectMatch 301 ^.+_files\..+\.(gif¦jpg)$ h*tp://www.example.com/images/thief.pngdoesn't work. When I request: h*tp://www.example.com/image_files/logo.gif
my 404 error page comes up.
<added>
RewriteRule ^.+_files\. - [F]
The page h*tp://www.example.com/image_files/logo.gif does not match the rule, and therefore is not forbidden. Then, since it is not present, it 404's.
The URLs in your initial posts and the code you posted all mention "_files<dot><something>" and your test URL does not contain a dot after "_files". Therefore, it failed.
If it is not the case that the dot is always present, then change the rule:
RedirectMatch 301 ^.+_file[b]s.+\.(g[/b]if¦jpg)$ h*tp://www.example.com/images/thief.png
Thanks again Jim. I was actually testing with several different paths.
Fact of the matter is, there is no real pattern I can narrow these requests down to. The "_files" seems to be present in various places in the paths to different files. Any file linked to my page would get this. Sorry I should have been more exact in posting examples.
I've banned the offending IPs, so for the moment these errors have stopped, but they have come from many IPs in the past. Time will tell if this was just 1 or 2 users, or a widely used download tool.
Just a side note: Now that I have dozens of download tools, rippers, bad guy IPs, etc. banned or blocked, I'm aware of just how many "hostile" occurrences happen on a daily basis - rather discouraging. This must be how security guards in a retail store feel.
