Block certain requests starting with specific string using .htaccess in apache

.htaccessapache-2.2

54.215.234.39 - - [02/Apr/2014:10:51:35 -0400] "GET /ProductSearch.aspx?qs=94307 HTTP/1.1" 404 11414 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0"

I am getting a lot of these requests sent to my apache server from various ip addresses. We used to use a aspx based site. Now it's php. These requests are flooding the server. How can I block all requests that have the string "ProductSearch.aspx" in them?

Best Answer

You could send a 403 Forbidden (access denied) in case /ProductSearch.aspx is requested :

RewriteEngine On
RewriteCond %{REQUEST_URI} ^/ProductSearch.aspx
RewriteRule ^(.*)$ - [F,L]

However, note that these requests will still reach your server and will appears in your access.log (but with a 403 instead of a 404).

To avoid this you will have to filter before your web server. This could be done with a Reverse Proxy but this is a full other point.

Also, as mentionned by @Michael Hampton in comments, you could redirect all requests that ask for an *.aspx file to an *.php page.

(assuming, e.g, that yourpage.aspx has been replaced by yourpage.php) :

RewriteEngine On
RewriteRule  ^(.*).aspx$ $1.php [R=301]

This will redirect

http://mydomain.com/ProductSearch.aspx?qs=94307

http://mydomain.com/ProductSearch.php?qs=94307

Related Solutions

Centos – Tomcat with virtual hosts – 404

It smells like maybe it's running into a mod_rewrite or alias before it's getting to your virtual host definition. Everything you've posted looks correct, but you can try adding a few extra options:

JkWorkersFile  /explicit/path/to/workers.properties
JkLogFile      /var/log/mod_jk.log
JkLogLevel     debug

That first setting will make sure you're using the actual properties file you think you are, maybe something in your multi-tomcat environment is loading the wrong one. You might also check this specific instance's TOMCAT_HOME to ensure it's loading the right server.xml; you can actually pass that as well as a parameter to $TOMCAT_HOME with -config:

cd $TOMCAT_HOME
./bin/startup.sh -config /direct/path/to/server.xml

See where that takes you...

Apache – Weird Apache Access Log

Those looks like attempts to leverage mod_proxy to get at other parts of the 'net. An incorrectly configured mod_proxy config makes a web-server an open proxy, very valuable for people trying to look like they're not from the place that they actually are. I can't be sure, but that's sure what it looks like to me.

Apache mod_proxy documentation, on access-control:

http://httpd.apache.org/docs/2.0/mod/mod_proxy.html#access

Best Answer

Related Solutions

Centos – Tomcat with virtual hosts – 404

Apache – Weird Apache Access Log

Related Topic