Apache :: Match Query String With URL As Value
Dec 30, 2014
I want to match a query string with modrewrite , the problem is that my query_string has a url as value:
%{QUERY_STRING} next=https://play.google.com/store/apps/details?pepe=1
and it doesn't work for me.
input='next=https://play.google.com/store/apps/details?pepe=1'
patttern='next=https://play.google.com/store/apps/details?pepe=1' => not-matched
but if I had to match only the uri , it works , the problem is when I try to add parameters to the query_string url:
http://someurl.com?next=https://play.google.com/store/apps/details?pepe=1
Is there any way to match that kind of query_string?
View 1 Replies
ADVERTISEMENT
Feb 21, 2013
I have an [URL] ....
I use htaccess to rewrite it to: [URL] ...
and there is a problem, because I do not get what I need. The result is: [URL] .....
The last / sing dous not even matter, because if I write the url without the ending /, the three dots are still removed.
It looks like everywhere in the url the (in regexp) .+/ pattern is replaced with a simple / sign.
The RewriteRule is very simple, I can not imagine it has anything to do with this, but it looks this:
RewriteRule ^(.*)$ index.php?p=$1 [QSA]
I started to log the rewrite and it looks like if the specific parts of the url are replaced before the rewrite got it.
These are the first few rows of the rewrite log:
add path info postfix: E:/web/service/szerz....odes -> E:/web/service/szerz....odes/action/axgetszerzodesar/ugyfelid/46402/termekid/46032/szerzodesszam/2012.01.01/
strip per-dir prefix: E:/web/service/szerz....odes/action/axgetszerzodesar/ugyfelid/46402/termekid/46032/szerzodesszam/2012.01.01/ -> szerz....odes/action/axgetszerzodesar/ugyfelid/46402/termekid/46032/szerzodesszam/2012.01.01/
applying pattern '^(.*)$' to uri 'szerz....odes/action/axgetszerzodesar/ugyfelid/46402/termekid/46032/szerzodesszam/2012.01.01/'
webserver: Apache/2.2.22 (Win32) PHP/5.2.17
and Apache/2.2.9 (Win32) PHP/5.2.17 (I refreshed it today because of this problem)
os: win7 home premium sp1
It is tested on a linux os too, but there were no such problems.
View 9 Replies
View Related
Mar 18, 2013
I don't know how to block a specific QUERY STRING url via .htaccess file, well actually I want to block this type of url :
test.php?q=RANDOMTEXT=&tl=The%20path%20ends
View 2 Replies
View Related
Jan 5, 2015
I want to permanent redirect some .html page from subdomain to main domain WordPress page,Redirect permanent /cat/FSBO76.URL....
View 1 Replies
View Related
Oct 11, 2009
Is it possible to call a cron job with a query string appended to the file. I have no problem setting up crons in the cron tab..but i'd like the cron to fetch a url that looks something like
/home/php/some-file.php?a=1
is this possible directly through the cron job? I guess an alternative is call some php file that uses curl but i was wondering if there 's a direct way.
View 2 Replies
View Related
Nov 24, 2014
I'm looking for a way to add a string to the end of an url if it contains a certain string (while using a .htaccess file).
If the url contains: derp.php it will add the following to the end of the url: &code=TEST
E.g. if an url contains derp.php?blabla it will be changed to: derp.php?blabla&code=TEST
How can I accomplish this?
View 2 Replies
View Related
Oct 28, 2014
After downloading httpd-2.2.29-win32.zip and generating SHA1 and SHA256 checksums from the file, they do not match the checksums posted on the download page.
View 4 Replies
View Related
Oct 30, 2014
I've migrated from Apache 2.2 to Apache 2.4 few days ago. It is installed as a service on my Windows 7 developer machine and works in bundle with PHP 5.6.2.
Today I've discovered that GET parameters with Cyrillic characters in URL string are empty.
For example URL looks like this: site.com/search.php?q=%C8%E2%E0%ED%EE%E2
URL-encoded string here is Иванов (%C8%E2%E0%ED%EE%E2)
When I try to use this GET parameter in my PHP script - the variable $_GET['q'] is empty. If I put latin characters in this parameter - $_GET['q'] is taking the corresponding value.
Doesn't look like it's a problem of PHP as I think. Otherwise at least something should stay in the variable. And also I would like to add that this was working absolutely normal on Apache 2.2.
View 9 Replies
View Related
Jan 30, 2013
I am using the following mod_rewrite rule for shortened SEO friendly links: RewriteRule ^blog/([^/]*).html$ /blog/blog.php?pid=$1 [R=301,L]
For Google SEO reasons, will the shortened rewritten link created from above be the permanent link, from the R=301? Even though the longer link is still functional? Or, do I need to create a rewrite match 301 rule to push the long URL to the shortened URL permanently?
View 5 Replies
View Related
Feb 23, 2013
I need htaccess file for one of my sites. I've searched everywhere, and I can't find a solution for my problem.
System Info:
Easy Apache v3.18.1
CentOS 6.3 (x86_64)
So I'm trying to redirect all URLs in a certain query range to a new website. i.e.,
mydomain.com/?p=35000
mydomain.com/?p=35001
mydomain.com/?p=35002
mydomain.com/?p=35003
etc.
all need to 301 redirect to myotherdomain.com
I don't need to append each query to the new domain. All the URLs simply need to redirect to the naked domain of the other site. So
mydomain.com/?p=35000 is not redirecting to myotherdomain.com/?p=35000
It is simply redirecting to myotherdomain.com
Also, I need to redirect the specific series ([35000-35999]) to the new domain. I want to redirect the www and the non-www URLs.
I've attempted to write the code myself, but when I upload the htaccess file, the URLs are not redirecting. I'm doing something wrong.
Here's what I've tried:
Code:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mydomain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.mydomain.com$
RewriteCond %{QUERY_STRING} ^p=([35000-35999]*)$
RewriteRule ^(.*)$ "http://myotherdomain.com/" [R=301,L]
View 2 Replies
View Related
Mar 26, 2014
I am running Apache on a Windows server and it is up and running.I downloaded and installed:
Apache 2.4.9 Win32 [Apache VC11 Binary] httpd-2.4.9-win32-VC11.zip
And included ModSecurity from download: modules-2.4-win32-VC11.zip..
The version of ModSecurity is mod_security-2.7.7 . It is up and running, but I get a warning:
ModSecurity: Loaded PCRE do not match with compiled!
Here's the difference in the PCRE from the logs:
PCRE compiled version="8.33 "; loaded version="8.34 2013-12-15".
The compiled version does not match the loaded version. Is this something I should be concerned about and try to find compiled versions that match?
View 2 Replies
View Related
Jun 20, 2007
mod_security: Access denied with code 406. Pattern match "<[[pace:]]*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome)[[pace:]]*>" at POST_PAYLOAD [hostname "domain.us"] [uri "/_vti_bin/_vti_aut/author.exe"]
This is my mod security rules.conf file
Code:
#Enforce proper HTTP requests
SecFilterSelective SERVER_PROTOCOL "!^HTTP/(0.9|1.0|1.1)$" "id:340000,rev:1,severity:1,msg:'Bad HTTP Protocol'"
# Only accept request encodings we know how to handle
# we exclude GET requests from this because some (automated)
# clients supply "text/html" as Content-Type
SecFilterSelective REQUEST_METHOD "!^(GET|HEAD|POST|PUT|PROPFIND|OPTIONS)$" "chain,id:340001,rev:1,severity:2,msg:'Restricted HTTP function'"
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
#Generic rule for allowed characters, very broken at the moment, dont use it unless you can fix it
#Then post your fix eh!
#SecFilterSelective REQUEST_URI "!^[-a-zA-z0-9.+_/-?=]+$" "chain,id:340002,rev:1,severity:2,msg:'Restricted HTTP character set'"
# Require Content-Length to be provided with
# every POST request
SecFilterSelective REQUEST_METHOD "^POST$" "chain,id:340003,rev:1,severity:2,msg:'Content Length not provided with POST'"
SecFilterSelective HTTP_Content-Length "^$"
# Don't accept transfer encodings we know we don't handle
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$" "id:340004,rev:1,severity:2,msg:'Dis-allowed Transfer Encoding'"
#HTTP response spilting generic sigs
SecFilter "Content-Length:.*Content-Type:.*Content-Type:" "id:340005,rev:1,severity:2,msg:'HTTP response splitting'"
#HTTP response spilting generic sigs
SecFilter "Content-Length:" "chain,id:340006,rev:1,severity:2,msg:'HTTP response splitting'"
SecFilter "Content-Type:" chain
SecFilter "Content-Type:"
#deny TRACE method
SecFilterSelective REQUEST_METHOD "TRACE" "id:340007,rev:1,severity:2,msg:'TRACE method denied'"
#XSS insertion into Content-Type
SecFilterSelective THE_REQUEST "Content-Type:.*(<[[:space:]]*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome)[[:space:]]*>|onmouseover=|javascript:)" "id:300002,rev:1,severity:2,msg:'XSS attack in Content-type header'"
#Don't accept chunked encodings
#modsecurity can not look at these, so this is a hole
#that can bypass your rules, the rule before this one
#should cover this, but hey paranoia is cheap
SecFilterSelective HTTP_Transfer-Encoding "chunked" "id:300003,rev:1,severity:2,msg:'Chunked Transfer Encoding denied'"
#Code injection via content length
SecFilterSelective HTTP_Content-Length ";(system|passthru|exec)(" "id:330003,rev:1,severity:2,msg:'Code Injection in Content-Length header'"
#broad cross site scripting rule
#False alarms are a problem with this, use with caution
#SecFilterSelective THE_REQUEST "<(.|
)+>"
#generic recursion signatures
SecFilterSelective REQUEST_URI "!(alt_mod_frameset.php)" "chain,id:300004,rev:1,severity:2,msg:'Generic Path Recursion denied'"
SecFilterSelective THE_REQUEST "../../"
#generic path recurision sig
#generic recursion signatures
SecFilterSelective THE_REQUEST ".|./.|./.|" "id:300005,rev:1,severity:2,msg:'Generic Path Recursion denied'"
#generic bogus path sigs
SecFilterSelective THE_REQUEST ".../" "id:300006,rev:1,severity:2,msg:'Bogus Path denied'"
SecFilterSelective POST_PAYLOAD "[[:space:]]+...+;" "id:300007,rev:1,severity:2,msg:'Bogus Path denied'"
#Generic PHP exploit signatures
SecFilterSelective THE_REQUEST "(chr|fwrite|fopen|system|e?chr|passthru|popen|proc_open|shell_exec|exec|proc_nice|proc_terminate|proc_get_status|proc_close|pfsockopen|leak|apache_child_terminate|posix_kill|posix_mkfifo|posix_setpgid|posix_setsid|posix_setuid|phpinfo)(.*);" "id:330001,rev:1,severity:2,msg:'Generic PHP exploit pattern denied'"
#Generic PHP exploit signatures
SecFilterSelective POST_PAYLOAD|REQUEST_URI "<?php (chr|fwrite|fopen|system|echr|passthru|popen|proc_open|shell_exec|exec|proc_nice|proc_terminate|proc_get_status|proc_close|pfsockopen|leak|apache_child_terminate|posix_kill|posix_mkfifo|posix_setpgid|posix_setsid|posix_setuid|phpinfo)(.*);" "id:330002,rev:1,severity:2,msg:'Generic PHP exploit pattern denied'"
View 2 Replies
View Related
Jan 12, 2006
We need a MANAGED dedicated server for a client we are developing a website for. They will do most of their sales online.
Here is what we have found: As far as a managed dedicated server, the BEST company we have found that offers 24/7/365 phone support and has their own in-house hardware tech staff is RackSpace.
However, RackSpace is a little pricey (starts at around $400/month).
Is there any other REPUTABLE company available that offers MANAGED DEDICATED SERVERS WITH 24/7/365 phone support and in-house hardware tech support at a better price? Everytime I call RackSpace, I get a human being on the phone...NEVER an answering machine.
We want to put our client's website in the best hands possible.
With that said, are their any suggestions at a better price that match the support of RackSpace?
Thank you VERY MUCH for your helpful insight. We need to launch the site in a couple of weeks.
View 14 Replies
View Related
Jul 10, 2008
There is a new page on Rackspace's website where they are offering to match the price of any hosting company that sells the same package of specifications. It sounds like there will be no compromise on the standards of service included in the deal.
View 6 Replies
View Related
May 14, 2008
I wonder any provider still offering Price Match policy?
I saw some before but not anymore.
View 14 Replies
View Related
Jun 6, 2007
Hello,
I have two similar VPS plans with identical software setups.
I installed APF Firewall on VPS A, modified the conf.apf file to
change the interfaces to venet0 and set monokern to 1 and
then opened all the ingress ports required. Started the firewall
with 'service apf start' and everything went fine, and everything
is working fine with no errors.
I did the same on VPS B but when I start apf I get the following
error that reoccurs during the startup sequence:
iptables: No chain/target/match by that name
While the firewall does seem to be running (by checking iptables -L)
I am unable to download files on the VPS, via wget or yum ...
View 4 Replies
View Related
Jan 3, 2008
I have been finding MRSPUTNIK in User Agent strings hitting my Website and was wondering if anyone had any insight. I can find other incidences online, but can't figure out what it is indicating.
Has anyone else seen this?
MRSPUTNIK 2 0 0 17 HW
View 1 Replies
View Related
May 3, 2008
I'm having a bit of a problem with my SSL certificate and can't seem to work out how to get around it.
Trying to install a RapidSSL certificate to one of my websites but for some reason when i enter the certificate into cPanel it says:
modulus mismatch, key file does not match certificate. Please use the correct key file ..
View 3 Replies
View Related
Feb 22, 2008
Taken from apache error logs, are these below legit or false alarms per se? This same customer is having issues with php sendmail (server uses php 5 w/ phpsuexec enabled)
[Thu Feb 21 17:02:02 2008] [error] [client 216.9.250.112] mod_security: Access denied with code 406. Pattern match "!^[0-9a-z]*$" at COOKIE("PHPSESSID") [hostname "www.clientdomain.com"] [uri "/%23URL.ImagURL%23"]
[Fri Feb 22 10:13:18 2008] [error] [client 189.24.155.203] mod_security: Access denied with code 406. Pattern match "',''));" at POST_PAYLOAD [hostname "clientdomain.com"] [uri "/xmlrpc.php"] ....
View 1 Replies
View Related
Jun 16, 2008
OS: Windows 2003
I want to find out a string in a folder that holds 100+ files and sub-folders.
View 6 Replies
View Related
Dec 14, 2007
I currently have this code in my Image Upload script which changes the file name into sets of numbers and letters
Quote:
$new_file_name = "uploads/" . md5($_FILES['selector']['name'] . time()) . "." . $extension;
How can i make it so its smaller than an md5, about 6 or 7 numbers and letters.
View 2 Replies
View Related
Jul 20, 2007
We have some Cisco servers that are being administrated by Affant. I recently downloaded a network management tool called SolarWinds and it looks really interesting and amazing because it can do so much for network monitoring. It seems that it needs not only the IP address for out server, but also a Community String. I tried the basic defaults (private, public) but they will not connect. I researched online and found some other defaults for a 3COM network, but none of those worked either.
I was going to try and telnet through to the server but port 23 (default telnet port) is closed. Im sure its for security purposes. I also read online that if I used a packet sniffer, I would be able to sniff out packets which hed the community string in them.
However, I could not find a sniffer which would actually do this. Any suggestions on a good packet sniffer that could do this?
Also, If the telnet port is closed, is there any other way I could telnet into the server on a different port? Or maybe use some other way to access the server?
I really want to use this program but I dont think my corperate office would like us to be monitoring it using this third party software, but us IT people dont really care...
If there is anything you can help out with, it would be most appreciated.
View 1 Replies
View Related
Jul 17, 2014
OS = CentOS 6.5 (Final)
Plesk version = 12.0.18 Update #7, last updated at July 11, 2014 12:46 PM
I have been trying to make my sites better suited to anti spam measures. The only warning I have left to work out is:
Warning - Reverse DNS does not match SMTP Banner
In the Plesk settings i do have the outgoing mail setting set to Send from domain IP addresses and use domain names in SMTP greeting - still I get the warning.
I am using Post fix. This is a 1and1 dedicated server and I am using custom name servers for this domain. I believe the smtp banner is matching the main ip and not the domain.
View 7 Replies
View Related
Jun 24, 2007
When running yum update from ssh, I've got this error:
--> Processing Dependency: perl(String::CRC32) for package: lftp
--> Finished Dependency Resolution
Error: Missing Dependency: perl(String::CRC32) is needed by package lftp
did try to removing the lftp, then yum update running like a charm but cannot re-install it ( lftp ) again.
View 1 Replies
View Related
Oct 25, 2009
I need to do this:
(1) domain1.com limit to 10 connections per IP per 30 seconds but allow if accessing file beginning with x.php such as x.php?981 x.php?o19
(2) domain2.com limit to 10 connections per IP per 30 seconds only if accessing file beginning with x.php but allow if accessing file beginning with y.php y.php?981 y.php?o19 .....
View 8 Replies
View Related
Oct 3, 2014
I am using connection string that written below but it does not work in your host.
<add name="LocalSqlServer" connectionString="Data Source=mssql.mydomain.at; Initial Catalog= mydb; User ID= myuserid; Password= mypassword; MultipleActiveResultSets=True;"/>
Any connection string instance for mssql webadmin ?
View 1 Replies
View Related
Jun 27, 2014
I recently upgraded from Plesk 11.5 to 12.0. I also just got an extra IPv4-address for my server (provider is Strato), unfortunately I have some problems with adding it to Plesk.
The IP should be assigned automatically through DHCP, but when I did a Reread IP in Plesk, nothing happened. I tried to manually add the IP, but then Plesk manually configured it and I lost the IPv4-connectivity (IPv6 kept working though).
Now when I want to remove the IP, I get the following error:
Is this a bug or a problem with my specific configuration?
View 3 Replies
View Related
