Apache percent sign % in request URL breaking rewrite
$30-250 USD
Cerrado
Publicado hace más de 13 años
$30-250 USD
Pagado a la entrega
I have a rewrite that makes all the URL's with certain exceptions be handled by a file at the root of my site.
One of the directories that is an exception is working correctly except when a request with a % percent sign character is used; there are have been numerous requests by spammers and it's flooding a log I review with junk requests. I do not process special characters in URL's and the spammer requests are flooding my rejection log.
This job entails two basic goals...
1.) Make all URL requests with % (and other invalid characters) get handled by an HTTP 400 error document in that subdirectory or of the entire site in a way that this will not become an issue if the spammer starts making these odd requests across the site or using other characters. I'd rather mark these requests as HTTP 400 instead of HTTP 403/404 as I don't process any URL's with % or other like characters that can/could be used to throw off my existing Apache exceptions.
2.) Help me understand how to adapt two or more characters in order to help me understand the structure of how use regex with Apache. This goal is not for me to learn several static examples --- it is to understand the structure of how to create future RewriteCond's and deal with oddball requests --- it is also NOT to spend hours learning Apache, just how to get the basic formula working so that I can rework it on my own.
A good / desired / currently working example...
This 404 request...
[login to view URL]
...is intercepted by...
[login to view URL]
...and is an exception which makes the request become handled by...
[login to view URL]
...and since the file does not exist Apache currently/correctly redirects the request to...
[login to view URL]
---------------------
A bad / undesired / currently broken example...
This 404 request...
[login to view URL]
...and breaks the directory exception with the % symbol and therefore is handled by...
[login to view URL]
...this leads the request to be handled by my custom CMS which logs it as a reject when I want to mark it as an HTTP 400 bad request instead.
--------------
I need someone who understands how Apache's minimal syntax works while also comprehends real world application and is willing to also ensure I'll be armed with the knowledge to deal with similar situations though I'm not asking to learn Apache at any exceptional depth.
-------------
Here is my current Apache rewrite code with minimal examples of subdirectory/file and file extension exceptions...
____________________
RewriteEngine on
RewriteRule ^(subdirectory1\/|subdirectory2\/|subdirectory3\/|[login to view URL]) - [L]
RewriteRule !\.(css|gif|html|jpg|mp3|png|swf|xhtml|xml)$ [login to view URL]
____________________
Giving me an example character besides the percent sign % in the bid to try to emulate breaking the request and knowing how to both deal with the percent sign and the second sign is what would help most. My goal is to be able to append the condition over time if need be. Being able to append the condition to a specific directory or site wide (should I encounter the issue in the future elsewhere on my site) would help.
I code OOP PHP and relational MySQL without any frameworks though Apache has been difficult to figure out the structure how to create regex. I know in example I'd use ! as not match to make the condition not match and thus end up not being found instead of having Apache try to interpret it as whatever %25 is.
I currently do not have any other known pending issues with Apache so this will NOT morph in to anything further than the example adaption to two or more characters (the first being the percentage sign) that break the rewrite exception.
I'd like to get this done ASAP and unless I'm somehow gravely mistaken don't think it would take someone too long to create a line or two of Apache code.