New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
mod_rewrite && (open)litespeed: how to return 404 for all files with php extension?
Hello,
I'm having some trouble in a simple (at least I think so) rewrite rule:
I want to return 404 for all php files.
But I should also take in care that they can have a path info (so something like http://www.example.com/foo.php/bar).
I've noticed that, on apache, I can easily do that using ${LA-U:REQUEST_FILENAME} but litespeed doesn't support it.
Someone have some ideas on how I can do that in litespeed? Even without rewrite rules, ofc.
Regards.
Comments
@Steve81 I am not sure if this helps
I am just using regex/htaccess. My guess is this is probably not what you want But I am no litespeed or regex Pro
Hope some one else can help you or you can engineer this to what you need!
Or why not just do it all in one..
This should 404 any combo of...
/foo.php
foo.php?bar=
foo.php/bar
Thank you @natestamm, litespeed support htaccess (well, at least I can put those rule in the config file).
But your RewriteRule would return 404 to something like that:
/foo.php/bar/img.jpg
where foo.php is a directory
It's odd, but I prefer also to check the existence of the file before return 404.
@Steve81 Ah that's my fault I thought that was a file and you might be doing some dispatching or routing there and you needed to block it.
I believe this rule should work for most cases. Check any thing up to a "dot PHP"-is a file, not a directory. I checked this quick on subdirectories that are formatted like you specify and it will allow that also-404 on just actualy PHP files. Still feel like I'm missing it. I just thought also if you ever wanted to allow PHP files in the middle of your path because of dispatching or routing then you'd want to actually check that there is an additional path directory or file following, But my first rules above are just blocking any .php in the path.
But try this out it might be good.