Link to home
Start Free TrialLog in
Avatar of demienx
demienx

asked on

Rewrite rules continue processing


Hello,

I have the following rewrite rules for a given virtualhost. I do want that when a image is requested with a referer from a not
allowed site, the apache engine stops processing any further reqrite rules [L], however it appears that apache keeps processing
the rules from the 3rd to lst when the referer is from a not allowed domain.

Can someone show me the lingth on why this is happening?

Thanks in advance.



--- httpd.conf sample --------------------------------------------------------------------------------------------------------------

    RewriteEngine On

    # block user agents
    RewriteCond %{HTTP_USER_AGENT} ^.*MSFrontpage.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Frontpage.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Backweb.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Bandit.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Ants.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Buddy.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*zip.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Crawler.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Wget.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Grabber.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Sucker.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Downloader.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Siphon.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Collector.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Snagger.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Widow.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Snake.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Vacuum.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Pump.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Teleport.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Reaper.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Mag-Net.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Memo.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*pcBrowser.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*leech.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Stripper.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Offline.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Copier.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Mirror.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*mister.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*HMView.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*HTTrack.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*JOC.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*likse.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Recorder.*$
    RewriteRule ^/.+ - [F]

   # block viruses and script kiddies
    RewriteCond %{THE_REQUEST} default.ida
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} cmd.exe
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} root.exe
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} /scripts/
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} /cgi-bin/src/redirect.php
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} /cgi-bin/biztalkhttpreceive.dll
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} /cgi-bin/mailbox.php3
    RewriteRule ^.*$ - [G,L]

    RewriteCond %{THE_REQUEST} _vti_
    RewriteRule ^.*$ - [G,L]
   
    RewriteCond %{THE_REQUEST} shell.exe
    RewriteRule ^.*$ - [G,L]


<VirtualHost 123.123.123.123>
   ServerName www.site.com
   ServerAlias site.com
   ScriptAlias /cgi-bin/ /www/site.com/cgi-bin/
   DocumentRoot /www/site.com/
   
   RewriteEngine On
   RewriteOptions inherit
   
   RewriteLog /usr/local/apache/logs/site.com_rewrite_log
   RewriteLogLevel 9
   RewriteCond %{HTTP_REFERER} !^http://(www\.)?site\.com/ [NC]
   RewriteCond %{HTTP_REFERER} !^http://(www\.)?goodsite\.com/ [NC]
   RewriteCond %{HTTP_REFERER} !^$
   RewriteRule \.(jpe?g|gif|bmp|png|JPEG?G|GIF|BMP|PNG)$ [L]
</VirtualHost>

---------------------------------------------------------------------------------------------------------------------------------------




--- Rewrite log for a request from not allowed domain ------------------------------------------------------------------------

111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (2) init rewrite engine with requested uri /image.gif
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '\.(jpe?g|gif|bmp|png|JPEG?G|GIF|BMP|PNG)$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='http://badsite.com/hotlink.html' pattern='!^http://(www\.)?site\.com/' => matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='http://badsite.com/hotlink.html' pattern='!^$' => matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (2) rewrite /image.gif -> [L]
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^/.+' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='default.ida' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='cmd.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='root.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/scripts/' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/src/redirect.php' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/biztalkhttpreceive.dll' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/mailbox.php3' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='_vti_' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (3) applying pattern '^.*$' to uri '[L]'
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='shell.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:46:55 -0500] [www.site.com/sid#81f247c][rid#8271034/initial] (2) local path result: [L]


---------------------------------------------------------------------------------------------------------------------------------------




--- Rewrite log for a request from allowed domain -----------------------------------------------------------------------------


111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (2) init rewrite engine with requested uri /image.gif
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '\.(jpe?g|gif|bmp|png|JPEG?G|GIF|BMP|PNG)$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='http://goodsite.com/hotlink.html' pattern='!^http://(www\.)?site\.com/' => matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='http://goodsite.com/hotlink.html' pattern='!^http://(www\.)?goodsite\.com/' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^/.+' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*MSFrontpage.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Frontpage.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Backweb.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Bandit.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Ants.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Buddy.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*zip.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Crawler.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Wget.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Grabber.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Sucker.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Downloader.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Siphon.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Collector.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Snagger.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Widow.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Snake.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Vacuum.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Pump.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Teleport.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Reaper.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Mag-Net.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Memo.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*pcBrowser.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*leech.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Stripper.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Offline.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Copier.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Mirror.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*mister.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*HMView.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*HTTrack.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*JOC.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*likse.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)' pattern='^.*Recorder.*$' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='default.ida' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='cmd.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='root.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/scripts/' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/src/redirect.php' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/biztalkhttpreceive.dll' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='/cgi-bin/mailbox.php3' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='_vti_' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (3) applying pattern '^.*$' to uri '/image.gif'
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (4) RewriteCond: input='GET /image.gif HTTP/1.1' pattern='shell.exe' => not-matched
111.222.111.222 - - [02/Apr/2005:13:51:36 -0500] [www.site.com/sid#81f247c][rid#8272034/initial] (1) pass through /image.gif


---------------------------------------------------------------------------------------------------------------------------------------
ASKER CERTIFIED SOLUTION
Avatar of caterham_www
caterham_www
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of demienx
demienx

ASKER


Thanks!,

I just replaced with:

RewriteRule \.(jpe?g|gif|bmp|png|JPEG?G|GIF|BMP|PNG)$ - [G,L]

and works the best way :)