Preventing a virtual link

Fix it!!

Preventing a virtual link

Postby ojaimi » Mon Oct 29, 2007 9:05 am

I have a modification for Matt Wright formmail at my upstream web hosting that is used by spammer to send emails through my website.

/cgi-sys/formmail.cgi

While I cannot delete it to stop it, can I have a rule to disable anyone from using it
ojaimi
 
Posts: 20
Joined: Sun Sep 30, 2007 4:30 am

Postby richardk » Mon Oct 29, 2007 9:16 am

Try the following in a .htaccess file in /cgi-sys
Code: Select all
<Files formmail.cgi>
  Deny from all
</Files>
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby ojaimi » Tue Oct 30, 2007 1:32 am

but i don't have access to /cgi-sys it is virtually accessbile by calling www.domain.com/cgi-sys/formmail.cgi

The only accessible directory is / which is www.domain.com so I need to put the .htaccess in the public_html directory
ojaimi
 
Posts: 20
Joined: Sun Sep 30, 2007 4:30 am

Postby richardk » Tue Oct 30, 2007 9:56 am

Then you probably can't stop it as it will be set up in the httpd.conf file and you will not be able to override it.

You can try the following in a .htaccess file in your document root
Code: Select all
Options +FollowSymLinks

RewriteEngine On

RewriteRule ^cgi-sys/formmail\.cgi$ - [F,L]
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby ojaimi » Tue Oct 30, 2007 2:03 pm

i tried it but it didn't work. i need to block all access to this page. is there any other way
ojaimi
 
Posts: 20
Joined: Sun Sep 30, 2007 4:30 am

Postby richardk » Tue Oct 30, 2007 2:10 pm

No. Your host has it set up in the main server configuration, the request never goes near your document root (so you can't use .htaccess files). All you can do is ask your host.
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am


Return to Security with Mod_Rewrite

Who is online

Users browsing this forum: No registered users and 8 guests

cron