OK,
We are getting sent hundreds of SQL injection attacks and while we are not being compromised I would like to return a 403 response instead of my application server still doing work on these requests.
I can do it on a site by site basis with something like this:-
RewriteCond %{QUERY_STRING} ;DECLARE%20 [NC]
RewriteRule .* - [NC,L,F]
in the .htaccess file. However, I would like to add it to the httpd.conf file to protect all my sites in one go. I know the above RewriteCond could be better and it will be before I put it live, but I need to know how to do it.
I have added the above rule into the httpd.conf before I declare my virtual hosts and after, neither work. I have also tried:-
RewriteCond %{QUERY_STRING} ;DECLARE%20 [NC]
RewriteRule ^/(.*)$ $1 [NC,L,F]
which also doesn't work. From googling I have not really found anything of much help, so I would really appreciate any input.
Regards,
Simon