ipel
Reputation: 1348
htaccess block requests by querystring
There is a way to block all the requests with a certain querystring?
I should block all the request that have "?userid=1234" or "&userid=1234"
For example:
/directory/page.php?userid=1234&var2=abc&var3=..
/directory/page.php?var1=test&userid=1234&var2=abc&var3=..
The directory and the page are always the same.
I know it's possibile, but i'm not sure how..
Upvotes: 2
Views: 6724
Answers (1)
Justin Iurman
Reputation: 19016
You can check QUERY_STRING and test if it contains userid=1234.
If so, then forbid it
RewriteEngine on
RewriteCond %{QUERY_STRING} \buserid=1234\b [NC]
RewriteRule ^ - [F]
Note: \b is a word boundary anchor. Having it before and after the pattern we want to match makes sure that the rule will match exactly on userid=1234 and not on, e.g., xxxuserid=1234 or userid=1234xxx.
Upvotes: 10
Related Questions
- htaccess send 404 if query string contains keyword
- apache: block request via RewriteRule in .htaccess
- htaccess block GET request to specific URL
- wordpress htaccess to block a query string
- htaccess - block traffic WITH specific get request
- mod_rewrite rule to prevent query string
- block QUERY_STRING in htaccess other then secified
- mod_rewrite ignore specific query string param
- .htaccess forbid for all except when specific {querystring}/$_GET
- How do I make a url forbidden in apache mod_rewrite, based on the query string?