| Author |
Message |
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
 Posted:
Sun Dec 26, 2004 8:41 am |
 
|
We have so many good threads on this, I thought I'd recap  Through added contributions by VinDSL and Mds, this is a synopsis. Not that this only applies if you are using Apache as a module and not CGI.
.htaccess only applies to Apache
mod_rewrite must be compiled in Apache
The lines to add at the top of .htaccess are (SOME-OTHER-PAGE needs to be replaced with a real redirect page) | Code: | #Check for Santy Worms and redirect them to a fake page
#Variant -1
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
#Variant -2
RewriteCond %{REQUEST_URI} ^visualcoders [NC,OR]
#Variant -3
RewriteCond %{QUERY_STRING} rush=([^&]+) [NC]
RewriteRule ^.*$ SOME-OTHER-PAGE.php [L]
|
This assumes that the user-agent does begin with LWP. If yours is different then make the needed adjustments. |
|
|
   
|
|
sharlein
Member Emeritus
Joined: Nov 19, 2002
Posts: 322
Location: On the Road
|
| Posted:
Sun Dec 26, 2004 11:05 am |
|
Raven, what does LWP stand for? I am using Firefox, would I enter mozilla for my agent? Thanks, Steve |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 12:10 pm |
|
No. lwp is the start of many of the user agent's nem, like LWP::Simple and several others. So, ^LWP {NC} means any user agent beginning with LWP. The [NC] makes it case insensitive. |
|
|
|
|
|
sharlein
Member Emeritus
Joined: Nov 19, 2002
Posts: 322
Location: On the Road
|
| Posted:
Sun Dec 26, 2004 12:13 pm |
|
|
|
|
|
64bitguy
The Mouse Is Extension Of Arm
Joined: Mar 06, 2004
Posts: 1156
Location: Sanbornton, NH USA
|
| Posted:
Sun Dec 26, 2004 12:14 pm |
|
Raven, pardon the brain cramp, (I'm severely hung-over and it looks like my friends have raided the liquor cabinet again as they have started making another batch of "Christmas Punch" so there's not much hope of sobriety today either...
What would you put in place of
RewriteRule ^.*$ SOME-OTHER-PAGE.php [L]
to redirect to an off site URL?
Thanks |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 12:21 pm |
|
PC-Killer, or you could probably just put
RewriteRule ^.*$ [F] which will just give them the standard 403 Forbidden screen. |
Last edited by Raven on Sun Dec 26, 2004 6:21 pm; edited 1 time in total |
|
|
|
|
64bitguy
The Mouse Is Extension Of Arm
Joined: Mar 06, 2004
Posts: 1156
Location: Sanbornton, NH USA
|
| Posted:
Sun Dec 26, 2004 12:30 pm |
|
No standard syntax to redirect to a defined off-site URL though?
Thanks! |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 12:32 pm |
|
Sure. RewriteRule ^.*$ [L] although the FBI might not appreciate it |
|
|
|
|
|
sharlein
Member Emeritus
Joined: Nov 19, 2002
Posts: 322
Location: On the Road
|
| Posted:
Sun Dec 26, 2004 12:54 pm |
|
Where can I find my user agent's nem? Completely in the dark here. |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 2:13 pm |
|
Not YOUR user-agent, but THEIR user-agent as Sentinel reports it. |
|
|
|
|
|
Savent
Regular
Joined: Jun 30, 2003
Posts: 81
|
| Posted:
Sun Dec 26, 2004 2:15 pm |
|
Is the santy worm gone now? I haven't heard anything in the news about it, in like a week. |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Sun Dec 26, 2004 2:20 pm |
|
Its a safe bet that there is a rip off of it attacking portals whether they have phpbb installed or not. |
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 5:20 pm |
|
| Raven wrote: | | No. lwp is the start of many of the user agent's nem, like LWP::Simple and several others. So, ^LWP {NC} means any user agent beginning with LWP. The [NC] makes it case insensitive. |
Hi Raven..
I put those lines in my .htaccess and it didnt stop
User Agent: LWP::Simple/5.79
Any suggestions?
Thx |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 5:21 pm |
|
Is mod_rewrite installed? |
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 5:30 pm |
|
Euh.. i guess not. Is this something that the host should do? |
|
|
|
|
|
PHrEEkie
Subject Matter Expert
Joined: Feb 23, 2004
Posts: 358
|
| Posted:
Sun Dec 26, 2004 5:33 pm |
|
| Himmel wrote: | | Euh.. i guess not. Is this something that the host should do? |
Seeing as mod_rewrite presents no security concern to the server itself, and instead is a desirable option for any dynamic content site, the answer is a resounding YES, your host should have that enabled...
PHrEEk |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 5:37 pm |
|
Run phpinfo() to verify if it is installed or not. |
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 5:47 pm |
|
| Raven wrote: | | Run phpinfo() to verify if it is installed or not. |
Sorry ..but dont know where and how  |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 5:51 pm |
|
<?
phpinfo();
?>
Save that as info.php, ftp it to your web server and run it. |
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 6:01 pm |
|
Loaded Modules mod_log_bytes, mod_frontpage, mod_php4, mod_ssl, mod_setenvif, mod_auth, mod_access, mod_rewrite, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core
Yep it is...
Maybe i made a mistake in the .htaccess :
#Check for Santy Worms and redirect them to a fake page
#Variant -1
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
#Variant -2
RewriteCond %{REQUEST_URI} ^visualcoders [NC,OR]
#Variant -3
RewriteCond %{QUERY_STRING} rush=([^&]+) [NC]
RewriteRule ^.*$ [F} [L] |
|
|
|
|
|
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
| Posted:
Sun Dec 26, 2004 6:02 pm |
|
Raven (and everyone who contributed) thank you so much for the cure, I've not had any pesky emails from Sentinel since I added it to my htaccess file. |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 6:11 pm |
|
Himmel,
Where did you get this? It's wrong | Code: | | RewriteRule ^.*$ [F} [L] |
It should be | Code: | | RewriteRule ^.*$ [F] |
|
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 6:17 pm |
|
| Raven wrote: | PC-Killer, or you could probably just put
RewriteRule ^.*$ [F} which will just give them the standard 403 Forbidden screen. |
Sorry.. used that1
and: RewriteRule ^.*$ SOME-OTHER-PAGE.php [L]
Will make the change now |
Last edited by Himmel on Sun Dec 26, 2004 6:23 pm; edited 1 time in total |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16986
Location: Kansas
|
| Posted:
Sun Dec 26, 2004 6:21 pm |
|
 - Stupid fingers SORRY!!! |
|
|
|
|
|
Himmel
Regular
Joined: May 08, 2004
Posts: 77
|
| Posted:
Sun Dec 26, 2004 6:24 pm |
|
Hehehe.. noproblem .. im the 1 who doesnt understand php |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
