Is this acceptable for Malicious access attempts?

Forum Moderators: phranque

Message Too Old, No Replies

Is this acceptable for Malicious access attempts?

Giljorak

5:02 pm on Oct 15, 2003 (gmt 0)

RewriteRule (\.ida¦root\.exe¦\.htaccess¦strmver¦MSOffice¦\.asp¦\.dll¦_vti_bin¦orders¦Auth_data) http ://%{REMOTE_ADDR} [NC,R=301,L]

Is there a downside to using this statement? Am I missing something? I have tested this on my server using wannabrowser and it seems to work great.

Thanks

[edit to make link not work]

closed

2:05 am on Oct 16, 2003 (gmt 0)

Looks fine to me.

I don't think you need to include .htaccess in that list, because you'll generally find something like this in httpd.conf:


#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ~ "^\.ht">
 Order allow,deny
 Deny from all
</Files>

I'm not quite sure why you'd want to redirect back to the client. Saving bandwidth, maybe?

Giljorak

2:48 am on Oct 16, 2003 (gmt 0)

I'm sending it back because I do not want them on my site. So yes it is to save bandwidth but it is to also shove it back in their face.

BlueSky

3:41 am on Oct 16, 2003 (gmt 0)

I hope you realize a lot of IPs will not display any website and will end up giving error messages like "Cannot find server or DNS Error." In those cases, it will only appear to them that there's a problem with your site.

jdMorgan

3:55 am on Oct 16, 2003 (gmt 0)

... and most malicious user-agents won't follow a 301 redirect anyway.

Save CPU time, bandwidth, and 'net resources:


RewriteRule (\.ida¦root\.exe¦\.htaccess¦strmver¦MSOffice¦\.asp¦\.dll¦_vti_bin¦orders¦Auth_data) - [F]

Jim