Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

redirectMatch not working? 1

Status
Not open for further replies.
Tracey

Tracey

Programmer
Oct 16, 2000
690
NZ
Hi

ages and ages ago i got some advise on how to block worm virus traffic

I have the following in my httpd.conf:
Code: 
redirect /scripts [URL unfurl="true"]http://www.stoptheviruscold.invalid[/URL]
redirect /MSADC [URL unfurl="true"]http://www.stoptheviruscold.invalid[/URL]
redirect /c [URL unfurl="true"]http://www.stoptheviruscold.invalid[/URL]
redirect /d [URL unfurl="true"]http://www.stoptheviruscold.invalid[/URL]
redirect /_mem_bin [URL unfurl="true"]http://stoptheviruscold.invalid[/URL]
redirect /msadc [URL unfurl="true"]http://stoptheviruscold.invalid[/URL]
redirect /_vti_bin [URL unfurl="true"]http://stoptheviruscold.invalid[/URL]
RedirectMatch (.*)\cmd.exe [URL unfurl="true"]http://stoptheviruscold.invalid$1[/URL]
RedirectMatch (.*)\root.exe [URL unfurl="true"]http://stoptheviruscold.invalid$1[/URL]
RedirectMatch (.*)\default.ida [URL unfurl="true"]http://stoptheviruscold.invalid$1[/URL]

while the number of wormy hits using up my bandwidth has reduced considerable since adding that to my config file, the problem is that the last line doesnt seem to work, i am still getting a dozen or so hits like:

Code: 
187.166.17.210.dyn.pacific.net.hk - - [01/Aug/2003:02:51:00 +1200] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 404 772
210.183.70.31 - - [01/Aug/2003:05:14:33 +1200] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 404 772

giving errors of:

[Thu Aug 07 08:27:38 2003] [error] [client 210.108.147.228] File does not exist: C:/Apache/htdocs/default.ida

Remember... True happiness is not getting what you want...

Its wanting what you have got!
 
Sort by date Sort by votes
Hmmm, second complaint is the submit button is too close to the preview post button (lol)

anyway, is there anyone who can tell me why this ONE line is not doing its job?

cheers [cheers] in advance

Tracey [hippy]

Remember... True happiness is not getting what you want...

Its wanting what you have got!
 
Upvote 0 Downvote
Cheers Daniel, that seems to be working now

[cheers'
tracey

Remember... True happiness is not getting what you want...

Its wanting what you have got!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
342
Stephen_Hawk
Stephen_Hawk
CecilXavier
  • Locked
  • Question
RHEL IDM with Radius not authenticating
Replies
0
Views
204
CecilXavier
CecilXavier
kurio71
  • Locked
  • Question
Favicons not Working after Redirection 1
Replies
7
Views
264
ChrisHirst
ChrisHirst
waydown
  • Locked
  • Question
Network card not detected
Replies
1
Views
158
ChrisHirst
ChrisHirst
sandy4tektips
  • Locked
  • Question
Masquerading is not working in sendmail
Replies
0
Views
102
sandy4tektips
sandy4tektips

Part and Inventory Search

Sponsor

Back
Top