how to ignore *.php requests using Apache

By etagwerker | Published: September 1, 2010

I recently deployed a beta version of one of my projects.

A few days went by and then I started getting 404 email notifications to my inbox. It seems that someone was trying to exploit known PHP issues (eg. phpMyAdmin issues, as seen in the picture below)

Exception emails due to exploit attempts

Here is how I solved this issue:

  1. Make sure you have mod_rewrite enabled for your Apache
  2. Write a rule in your VirtualHost that looks like this:
1
2
3
4
5
6
<VirtualHost *:80>
  ServerName example.com
  DocumentRoot /path/to/example.com/current/public
  RewriteEngine On
  RewriteRule    ^.*.php$  404.html  [R]
</VirtualHost>

This will redirect any *.php requests to your 404.html and save resources in your server.

This entry was posted in open source, Ruby programming, web programming and tagged , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam protection by WP Captcha-Free