How to ignore all *.php requests coming to RoR project in apache server?

Question

Requests like unwanted .php files hitting my ROR production log

Example:

[2019-08-07T03:42:45.415176 #32608] INFO -- : Started GET "/java.php" for 213.74.248.28 at 2019-08-07 03:42:45 -0400 F, [2019-08-07T03:42:45.419677 #32608] FATAL -- : ActionController::RoutingError (No route matches [GET] "/java.php"):

[2019-08-07T03:42:46.006077 #32608] INFO -- : Started GET "/_query.php" for 213.74.248.28 at 2019-08-07 03:42:46 -0400 F, [2019-08-07T03:42:46.011142 #32608] FATAL -- : ActionController::RoutingError (No route matches [GET] "/_query.php"):

How can i block these *.php hits in apache? i found something in nginx.but how can i block in apache? Also, i found a 'rack-attack' gem file to block. since I'm using ruby 2.2 the gem is not supporting.

How can i get rid of this?

you may redirect to some common page like not found – ManiMuthuPandi Aug 08 '19 at 06:25 — ManiMuthuPandi, Aug 08 '19 at 06:25

score 0 · Answer 1 · answered Aug 08 '19 at 07:23

0

Try something like this

<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{REQUEST_URI} (\.aspx|\.asp|\.php|\.jsp|\.cgi|bitrix|wp\-content)$ [NC]
 RewriteRule ^(.*)$ - [F,L]
</IfModule>

answered Aug 08 '19 at 07:23

Alex808

106
1
10

How to ignore all *.php requests coming to RoR project in apache server?

1 Answers1