Lukket

Apache percent sign % in request URL breaking rewrite

I have a rewrite that makes all the URL's with certain exceptions be handled by a file at the root of my site.

One of the directories that is an exception is working correctly except when a request with a % percent sign character is used; there are have been numerous requests by spammers and it's flooding a log I review with junk requests. I do not process special characters in URL's and the spammer requests are flooding my rejection log.

This job entails two basic goals...

1.) Make all URL requests with % (and other invalid characters) get handled by an HTTP 400 error document in that subdirectory or of the entire site in a way that this will not become an issue if the spammer starts making these odd requests across the site or using other characters. I'd rather mark these requests as HTTP 400 instead of HTTP 403/404 as I don't process any URL's with % or other like characters that can/could be used to throw off my existing Apache exceptions.

2.) Help me understand how to adapt two or more characters in order to help me understand the structure of how use regex with Apache. This goal is not for me to learn several static examples --- it is to understand the structure of how to create future RewriteCond's and deal with oddball requests --- it is also NOT to spend hours learning Apache, just how to get the basic formula working so that I can rework it on my own.

A good / desired / currently working example...

This 404 request...

[url removed, login to view]

...is intercepted by...

[url removed, login to view]

...and is an exception which makes the request become handled by...

[url removed, login to view]

...and since the file does not exist Apache currently/correctly redirects the request to...

[url removed, login to view]

---------------------

A bad / undesired / currently broken example...

This 404 request...

[url removed, login to view]

...and breaks the directory exception with the % symbol and therefore is handled by...

[url removed, login to view]

...this leads the request to be handled by my custom CMS which logs it as a reject when I want to mark it as an HTTP 400 bad request instead.

--------------

I need someone who understands how Apache's minimal syntax works while also comprehends real world application and is willing to also ensure I'll be armed with the knowledge to deal with similar situations though I'm not asking to learn Apache at any exceptional depth.

-------------

Here is my current Apache rewrite code with minimal examples of subdirectory/file and file extension exceptions...

____________________

RewriteEngine on

RewriteRule ^(subdirectory1\/|subdirectory2\/|subdirectory3\/|[url removed, login to view]) - [L]

RewriteRule !\.(css|gif|html|jpg|mp3|png|swf|xhtml|xml)$ [url removed, login to view]

____________________

Giving me an example character besides the percent sign % in the bid to try to emulate breaking the request and knowing how to both deal with the percent sign and the second sign is what would help most. My goal is to be able to append the condition over time if need be. Being able to append the condition to a specific directory or site wide (should I encounter the issue in the future elsewhere on my site) would help.

I code OOP PHP and relational MySQL without any frameworks though Apache has been difficult to figure out the structure how to create regex. I know in example I'd use ! as not match to make the condition not match and thus end up not being found instead of having Apache try to interpret it as whatever %25 is.

I currently do not have any other known pending issues with Apache so this will NOT morph in to anything further than the example adaption to two or more characters (the first being the percentage sign) that break the rewrite exception.

I'd like to get this done ASAP and unless I'm somehow gravely mistaken don't think it would take someone too long to create a line or two of Apache code.

Færdigheder: Apache

Se mere: apache percent sign url, rewriterule percentage sign, url rewrite percent, apache rewrite percent, htaccess percent sign, apache rewriterule percent, apache url percent sign, apache bad request percent, percent sign breaks htaccess, percent sign bad request, htaccess rewrite percent, apache bad request, percent sign url apache, apache rewrite percent sign, php percent sign url, percent url apache, percent sign url, apache rewrite 404, percentage requests apache, percentage breaks url, php apache bad request, apache rewriterule percentage, percent request url, use percent request apache, rewriterule percent

Om arbejdsgiveren:
( 1 bedømmelse ) Sarasota, United States

Projekt-ID: #943622

3 freelancere byder i gennemsnit $41 for dette job

gasparch

Please see PM

$49 USD på 1 dag
(20 bedømmelser)
4.8
sgiraud

I think you just need to flag your rewrite rule with the 'No Escape' flag to prevent apache to transform % in %5 and break your rule

$30 USD på 1 dag
(0 bedømmelser)
0.0
sankalplondon13

Please let me know when we have to start the work for u I am on skype add me as sankalpsaxena7

$45 USD på 1 dag
(0 bedømmelser)
0.0