httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ed Sawicki ...@alcpress.com>
Subject [users@httpd] RedirectMatch
Date Tue, 20 Dec 2005 04:48:22 GMT
I'm administering an Apache server that runs PHP-based
Webapps that I have not written and cannot change. These
Webapps are being successfully attacked. Here's an
example from the log:

66.57.121.127 - - [19/Dec/2005:19:50:46 -0800] "GET
/phplive/image_tracker.php?l=Bob&x=1&deptid=0&page=
http%3A//www.pcbpro.com/pcb-quote.php%3FWT.mc_id%3D
psepi00003%26referrer%3Dhttp%253a%252f%252fz-quest.com
%252fgo.php%253fidUser%253d36%2526z%253dasaphczzhihd
%2526idXmlFeed%253d37%2526idKeyword%253d145%2526
idSearchStatus%253d2%2526st%253d%2526url%253duggc
%253a%252f%252fgkpyvpx.rcvybg.pbz%252fpyvpx.nfck
%2540aoavhy%2540x%253dryrpgebavpf%2540aoaphy%2540o
%253d700%2540aoaphy%2540c%253drcvybg%2540aoaphy
%2540f%253dmdhrfgz%2540aoaphy%2540cbf%253d1%2540aoaphy
%2540g%253d24%2540aoaphy%2540xvq%253dQP8N5Q43-Q517-40O0-
87Q9-P281S6QN0458%2540aoaphy%2540rc%253d255%2540aoaphy
%2540fvq%253d815O3P57-3PS6-41S0-80S9-N79084865R39%2540
aoaphy%2540y%253duggc%253a%2540aoamhy%25402S%2540aoamhy
%25402Sjjj.cpoceb.pbz%2540aoamhy%25402Scpo-dhbgr.cuc
%2540aoamhy%25403SJG.zp_vq%253dcfrcv00003%2526ts
%253danaihxzszxhdzahczmzh%2526rb%253daaaphfhpzf
%2526is%253d66%25252E57%25252E121%25252E127%2526
idDomain%253d0&unique=1135050643687 HTTP/1.1" 200 43

In this example, I'd like to detect the string "go.php"
and redirect the request elsewhere. I've tried to
use RedirectMatch but nothing I've tried works.
Here's just one example of the many, many statements
I've tried:

RedirectMatch   301 (.*)go\.php        http://127.0.0.1

This is Apache 2.0.46 with mod_alias loaded.

Ed

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message