Hi Arno No, when you use <Location> it's not filesystem specific any more. But I've just found out that you can't match on the query-string. > These images aren't on my server, and > the requests aren't trying to access images on my server. What I see > are requests using the php script on my server to try access an image > file (or html or txt or php) on someone else's server. I was hoping > there's a way to tell apache to block requests where id=non_numeric. I think you'll have to use URL rewriting. Try this: http://jessen.ch/arnokuhl?id=nonnumeric That should give you a 403. http://jessen.ch/arnokuhl?id=9999 Should give you a print_r() output. This is the rewrite config: RewriteEngine on RewriteCond %{QUERY_STRING} id=[^0-9]+ RewriteRule (/arnokuhl.*) $1 [f] HTH Per ------------------------ Many thanks for all your effort and help Per. That's exactly what I was trying to achieve. Cheers Arno -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
