mod_rewrite tag archive

Redirect All Requests for a Nonexistent File to the Actual File

By Jeff Starr • .htaccess • Tuesday, August 12, 2008

In my previous article on redirecting 404 requests for favicon files, I presented an HTAccess technique for redirecting all requests for nonexistent favicon.ico files to the actual file located in the site’s web-accessible root directory: # REDIRECT FAVICONZ <ifmodule mod_rewrite.c> RewriteCond %{THE_REQUEST} favicon.ico [NC] RewriteRule (.*) http://domain.tld/favicon.ico [R=301,L] </ifmodule> As discussed in the article, this code is already in effect here at Perishable Press, as may be seen by clicking on any of the following links: http://perishablepress.com/wp/favicon.ico [...] • Read more »

Stop the Madness: Redirect those Ridiculous Favicon 404 Requests

By Jeff Starr • .htaccess • Monday, August 11, 2008

For the last several months, I have been seeing an increasing number of 404 errors requesting “favicon.ico” appended onto various URLs: http://perishablepress.com/press/favicon.ico http://perishablepress.com/press/2007/06/12/favicon.ico http://perishablepress.com/press/2007/09/25/absolute-horizontal-and-vertical-centering-via-css/favicon.ico http://perishablepress.com/press/2007/08/01/temporary-site-redirect-for-visitors-during-site-updates/favicon.ico http://perishablepress.com/press/2007/01/16/maximum-and-minimum-height-and-width-in-internet-explorer/favicon.ico When these errors first began appearing in the logs several months ago, I didn’t think too much of it — “just another idiot who can’t find my site’s favicon..” As time went on, however, the frequency and variety of these misdirected requests continued to increase. A bit frustrating perhaps, but not [...] • Read more »

Perishable Press HTAccess Spring Cleaning, Part 2

By Jeff Starr • .htaccess • Tuesday, June 17, 2008

Before Summer arrives, I need to post the conclusion to my seasonal article, Perishable Press HTAccess Spring Cleaning, Part 1. As explained in the first post, I recently spent some time to consolidate and optimize the Perishable Press site-root and blog-root HTAccess files. Since the makeover, I have enjoyed better performance, fewer errors, and cleaner code. In this article, I share some of the changes made to the blog-root HTAccess file and provide a brief explanation as [...] • Read more »

Series Summary: Building the 3G Blacklist

By Jeff Starr • .htaccess, Security • Sunday, May 25, 2008

In the now-complete series, Building the 3G Blacklist, I share insights and discoveries concerning website security and protection against malicious attacks. Each article in the series focuses on unique blacklist strategies designed to protect sites transparently, effectively, and efficiently. The five articles culminate in the release of the next generation 3G Blacklist. For the record, here is a quick summary of the entire Building the 3G Blacklist series: • Read more »

Perishable Press HTAccess Spring Cleaning, Part 1

By Jeff Starr • .htaccess • Tuesday, May 20, 2008

While developing the 3G Blacklist, I completely renovated the Perishable Press site-root and blog-root HTAccess files. Since the makeover, I have enjoyed better performance, fewer errors, and cleaner code. In this article, I share some of the changes made to the root HTAccess file and provide a brief explanation as to their intended purpose and potential benefit. In sharing this information, I hope to inspire others to improve their own HTAccess and/or configuration files. In the next [...] • Read more »

Perishable Press 3G Blacklist

By Jeff Starr • .htaccess, Security • Tuesday, May 13, 2008

After much research and discussion, I have developed a concise, lightweight security strategy for Apache-powered websites. Prior to the development of this strategy, I relied on several extensive blacklists to protect my sites against malicious user agents and IP addresses. Over time, these mega-lists became unmanageable and ineffective. As increasing numbers of attacks hit my server, I began developing new techniques for defending against external threats. This work soon culminated in the release of a “next-generation” blacklist [...] • Read more »

Building the 3G Blacklist, Part 5: Improving Site Security by Selectively Blocking Individual IPs

By Jeff Starr • .htaccess, Security • Tuesday, May 13, 2008

In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. Wrapping up the series with this article, I provide the final key to our comprehensive blacklist strategy: selectively blocking individual IPs. Previous articles also focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. In the next article, these five articles will culminate in the release of the next generation 3G Blacklist. Improving Site Security [...] • Read more »

Building the 3G Blacklist, Part 4: Improving the RedirectMatch Directives of the Original 2G Blacklist

By Jeff Starr • .htaccess, Security • Monday, May 12, 2008

In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this fourth article, I build upon previous ideas and techniques by improving the directives contained in the original, 2G Blacklist. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Improving [...] • Read more »

Building the 3G Blacklist, Part 3: Improving Site Security by Selectively Blocking Rogue User Agents

By Jeff Starr • .htaccess, Security • Tuesday, May 06, 2008

In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this third article, I discuss targeted, user-agent blacklisting and present an alternate approach to preventing site access for the most prevalent and malicious user agents. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the [...] • Read more »

Building the 3G Blacklist, Part 2: Improving Site Security by Preventing Malicious Query-String Exploits

By Jeff Starr • .htaccess, Security • Monday, May 05, 2008

In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this second article, I present an incredibly powerful method for eliminating malicious query string exploits. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Improving Site Security by Preventing Malicious [...] • Read more »

Building the 3G Blacklist, Part 1: Improving Site Security by Recognizing and Exploiting Server Attack Patterns

By Jeff Starr • .htaccess, Security • Sunday, May 04, 2008

In this series of five articles, I share insights and discoveries concerning website security and protecting against malicious attacks. In this first article of the series, I examine the process of identifying attack trends and using them to immunize against future attacks. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation [...] • Read more »

How to Block Proxy Servers via htaccess

By Jeff Starr • .htaccess, Security • Sunday, April 20, 2008

Not too long ago, a reader going by the name of bjarbj78 asked about how to block proxy servers from accessing her website. Apparently, bjarbj78 had taken the time to compile a proxy blacklist of over 9,000 domains, only to discover afterwards that the formulated htaccess blacklisting strategy didn’t work as expected: deny from proxydomain.com proxydomain2.com Blacklisting proxy servers by blocking individual domains seems like a futile exercise. Although there are a good number of reliable, consistent [...] • Read more »

2G Blacklist: Closing the Door on Malicious Attacks

By Jeff Starr • .htaccess, Security • Tuesday, February 26, 2008

Since posting the Ultimate htaccess Blacklist and then the Ultimate htaccess Blacklist 2, I find myself dealing with a new breed of malicious attacks. It is no longer useful to simply block nefarious user agents because they are frequently faked. Likewise, blocking individual IP addresses is generally a waste of time because the attacks are coming from a decentralized network of zombie machines. Watching my error and access logs very closely, I have observed the following trends [...] • Read more »

Three Ways to Allow Hotlinking in Specific Directories

By Jeff Starr • .htaccess, Security • Wednesday, November 28, 2007

After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking: Place hotlink images in an alternate directory This method works great if your hotlink-protection rules are located in a directory other than the [...] • Read more »

Key Pages

More Categories

News (101)
Random (27)
Web Design (11)
WordPress (202)
Blogging (29)
Graphics (27)
Tech (50)