htaccess restrict post access to specific url

Question

I have one site witch is encrypted and i cant make this inside code. So i know that we can redirect or throw 404 error via mod_rewrite.

Also my url is in cyrillic so in Chrome looks like

www.example.com/Нешто_два

but when i copy/paste it looks like

www.example.com/%D0%9F%D0%BE%D0%B1%D0%B0%D1%80%D0%B0%D1%98%D1%82%D0%B5_%D0%A2%D0%B5%D1%81%D1%82_%D0%92%D0%BE%D0%B7%D0%B5%D1%9A%D0%B5

i tried to use mod_rewrite to disable post request on that url, but still that url accept post requests. Tested by http tool.



    RewriteEngine On
    RewriteBase /




    RewriteCond %{REQUEST_URI} !^.*/tiny_mce/.*$
    RewriteCond %{REQUEST_URI} \.(php|html?)$ [OR]
    RewriteCond %{REQUEST_FILENAME} !-f

    RewriteRule ^([^.]*)\.?(.*)$    index.php?q_url=$1 [QSA]

        RewriteCond %{REQUEST_METHOD} POST
        RewriteCond %{REQUEST_URI} ^Нешто_два$
        RewriteRule ^ - [L,R=404]

kbickar · Accepted Answer

The .htaccess file needs to have the URL in the escaped form, so rather than "Нешто_два", you should put the version that appears escaped "%D0%9F%D0%BE%D0%B1%D0%B0%D1%80%D0%B0%D1%98%D1%82%D0%B5_%D0%A2%D0%B5%D1%81%D1%82_%D0%92%D0%BE%D0%B7%D0%B5%D1%9A%D0%B5"

That looks a bit long, so there might be some other stuff. I tried just converting the string and came up with:

"\xD09D\xD0B5\xD188\xD182\xD0BE_\xD0B4\xD0B2\xD0B0"

The escaped versions can be put in the RewriteCond:

RewriteCond %{REQUEST_URI} ^%D0%9F%D0%BE%D0%B1%D0%B0%D1%80%D0%B0%D1%98%D1%82%D0%B5_%D0%A2%D0%B5%D1%81%D1%82_%D0%92%D0%BE%D0%B7%D0%B5%D1%9A%D0%B5$

htaccess restrict post access to specific url

Answers (2)

Related Questions