Solved

htaccess question

Posted on 2015-01-06
8
73 Views
Last Modified: 2015-01-23
Hello,

I am running a php server and keep getting thousands of requests for a .asp file that is clearly not on the server. I want to throw them off the site, it is crashing the server.

I have this as a rule in my htaccess:

RewriteCond %{THE_REQUEST} ^[A-Z]+\s([^\s]+)\.asp\s
RewriteRule .*$ http://127.0.0.1 [R=301,L]
RewriteRule ^(.*)\.asp$ http://127.0.0.1

Open in new window


but this address is still loading, I am guessing that it is because there is a variable, how can I block these too?

https://domain.com/sm_login.asp?SID=ot8klbtvok43ga6gvchl74pd56

Open in new window


Matt
0
Comment
Question by:movieprodw
  • 4
  • 3
8 Comments
 
LVL 13

Expert Comment

by:Ugo Mena
Comment Utility
+FollowSymLinks must be enabled for any rules to work, this is a security requirement of the rewrite engine. Normally it's enabled in the root and you shouldn't have to add it, but it doesn't hurt to do so.

Options +FollowSymlinks
RewriteEngine on
RewriteRule ^(.+)\.asp$ http://redirectToThisLink.html [R,NC]

Open in new window

0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
Server crashes for other reasons.
Serving 404 errors is very lightweight action within core.

There should be some other deficiency that makes server crash.
Please filter ASP 404 from error logs and check better stuff that may crash your server.
0
 
LVL 1

Author Comment

by:movieprodw
Comment Utility
Not if you are using magento and the 404 page is a magento loaded page.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
Is your apache using a lot of RAM?
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 1

Author Comment

by:movieprodw
Comment Utility
Ultralites,

That did not work. The URL is still loading and showing the magento 404 page.

RewriteCond %{THE_REQUEST} ^[A-Z]+\s([^\s]+)\.asp\s
RewriteRule .*$ http://127.0.0.1 [R=301,L]
RewriteRule ^(.*)\.asp$ http://127.0.0.1

Options +FollowSymlinks
RewriteEngine on
RewriteRule ^(.+)\.asp$ http://127.0.0.1 [R,NC]

Open in new window

0
 
LVL 1

Author Comment

by:movieprodw
Comment Utility
gheist, the ram is very low but I am getting these DDoS style attacks where they are loading thousands of .asp?sid=xxxxxx urls and it is clogging up the bandwidth and using all of the ram
0
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
Comment Utility
It is not DDOS. it is attempt to take over old ASP session (not ASPx), you are compeltely immune to the attack, though your apache configuration could wish better.
At least remove heavy 404 page provided by Magento - it serves no purpose, just does damage and grief.

Could you try to manage moving on to worker MPM and php-cgi linked with mod_fcgid? That will greatly reduce memory consumption - namely you will have small apache like with no modules, and few PHP backends of large RAM
0
 
LVL 1

Author Closing Comment

by:movieprodw
Comment Utility
Thanks
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now