Trying to stop urls such as mydomain.com/index.php/garbage-after-slash
I know very little about .htaccess files and mod-rewrite rules. Looking at
my statcounter information today, I noticed that a visitor to my site
entered a url as follows:
http://mywebsite.com/index.php/contact-us
Since there is no such folder or file on the website and no broken links
on the site, I'm assuming this was a penetration attempt. What was
displayed to the visitor was the output of the index.php file, but without
benefit of the associated CSS layout.
I need to create a rewrite rule that will either remove the information
after index.php (or any .php file), or perhaps more appropriately, insert
a question mark (after the .php filename), so that any following garbage
will be treated like a parameter (and will be gracefully ignored if no
parameters are required).
Thank you for any assistance.
No comments:
Post a Comment