Forum Topic: Blocking based on part of the url

Forum: .htaccess Forum : Security • Posted by Jeroen • Updated:

Hi Jeff or others,

I am trying to understand your 5G. Lately I get urls like this and I am trying to figure out how to give them a 403.

http://domain.com/resep/ads.xl.co.id/hp/403.php

Up to resep/ it’s all good, but the rest isn’t mine and it has to be gone.

I tried adding 403 to the 5G, but no result. Don’t know why. Like this:

RedirectMatch 403 /(contac|fpw|install|pingserver|register|403)\.php$

Just trying to understand how to block based on a part of the url. If I could understand this part, I am already helped a lot.

Thanks

Okoth

4 Replies to “Blocking based on part of the url”

Posted by Jeff Starr

Hi Jeroen,

I just tried adding the “403” as you mention and it does block any request containing 403.php. Have you tested other strings blocked by the 5G to see if any of them are working?

Posted by Jeroen •

Jeff, it looks like none of the RedirectMatch 403 are working. RedirectMatch 301 is working, though.

This is the part of the 5G that is in my htaccess (inside the root)

# 5G:[REQUEST STRINGS]
<IfModule mod_alias.c>
	RedirectMatch 403 (https?|ftp|php)\://
	RedirectMatch 403 /(https?|ima|ucp)/
	RedirectMatch 403 /(Permanent|Better)$
	RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
	RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
	RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
	RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
	RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
	RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
	RedirectMatch 403 \.well\-known/host\-meta
	RedirectMatch 403 /function\.array\-rand
	RedirectMatch 403 \)\;\$\(this\)\.html\(
	RedirectMatch 403 proc/self/environ
	RedirectMatch 403 msnbot\.htm\)\.\_
	RedirectMatch 403 /ref\.outcontrol
	RedirectMatch 403 com\_cropimage
	RedirectMatch 403 indonesia\.htm
	RedirectMatch 403 \{\$itemURL\}
	RedirectMatch 403 function\(\)
	RedirectMatch 403 labels\.rdf
	RedirectMatch 403 /playing.php
	RedirectMatch 403 muieblackcat
</IfModule>

#####OWN#####

RedirectMatch 301 /(.*)/undefined$ http://dapurkobe.co.id/$1

I don’t know if it matters, but in the text editor the code colors look like this: htaccess.gif.

W3 Total Cache code is before yours in my htaccess. Don’t know if that matters?

(Hang on for a day, Jeff, I have also contacted HostGator to look at it. I’ll let you know).

Thanks for looking at it, Jeff.

Posted by Jeroen •

Response from HostGator:

Your RedirectMatch directives were not functioning as expected because there was no default 403 document handler defined.

Makes sense. It’s working now. Learnt something again.

Posted by Jeff Starr

Glad to hear it’s working, Jeroen. Let me know if any further issues, I’m here to help. Also, about the code editor displaying the htaccess rules in two different colors.. that is totally fine, just the syntax rules of the editor get lost with all of the backslashes and whatnot.