Malcerous Posted April 11, 2007 Share Posted April 11, 2007 I have an apache server infront of a java application server. I am getting what is similar to a very small DOS attack. I am seeing alo of errors in my http_error_log [Tue Apr 10 hr:mm:ss yyyy] [error] [client xxx.xxx.xxx.xxx] File does not exist: /usr/www/htdocs/default.asp [Tue Apr 10 hr:mm:ss yyyy] [error] [client xxx.xxx.xxx.xxx] File does not exist: /usr/www/htdocs/order.asp I do not support asp files on my server. The problem is that these requests are being passed to my application servers to see if the files exist. I am wondering if there is a way to block or redirect all requests for .asp and .cgi files using the httpd.conf file. Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/ Share on other sites More sharing options...
rpadilla Posted April 11, 2007 Share Posted April 11, 2007 Im not sure if a DOS attack or some spamers crawling the net, looking for something. anyway you can make some settings in your httpd.conf to redirect 404 /file not found to some file... I think I'll just ignore it anyway.... Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/#findComment-226735 Share on other sites More sharing options...
wildteen88 Posted April 11, 2007 Share Posted April 11, 2007 Look into the <filesmatch> directive. Example: <FilesMatch "\.(asp|cgi)$"> Order allow,deny Deny from all </FilesMatch> If an request is made to an asp or cgi file the server will respond with a 403 Forbidden Error. Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/#findComment-226743 Share on other sites More sharing options...
Malcerous Posted April 11, 2007 Author Share Posted April 11, 2007 Thank you Very Much.. Once again Freaks comes through.. Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/#findComment-226763 Share on other sites More sharing options...
wildteen88 Posted April 11, 2007 Share Posted April 11, 2007 As a side note if you to add more file extension that you don't want to people to go to just a pipe character and then the extension, for example you don't want people to see .xyz extension. <FilesMatch "\.(asp|cgi|xyz)$"> That will now block asp, cgi and xyz files from being requested Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/#findComment-226764 Share on other sites More sharing options...
Malcerous Posted April 11, 2007 Author Share Posted April 11, 2007 I thought it would have been like that... Thanks alot WT88 Link to comment https://forums.phpfreaks.com/topic/46579-solved-block-requests-for-specific-file-extentions-asp-cgi/#findComment-226997 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.