Rewrite rule for php easter eggs

Hello,

I am trying to wrote a rewrite rule to forbid the request of PHP easter
eggs.

So I’d like the request:
http://site.domain.tld/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
to be redirected to index.php

I tried:
rewrite PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 /index.php last;

Or subsets of this one, but it doesn’t seem to work. The rewrite doesn’t
seem to be processed when I access the page.

Has someone an idea of why the rule isn’t processed?

you need a proper regular expression.

this should match it anywhere in the url, i.e.
http://site.domain.tld/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
http://site.domain.tld/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000&foo=bar

it shouldn’t just check for ending in it, because the query string
might still be active even though it has another key/value pair on the
end of it.

rewrite (.)PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000(.) /index.php last;

(i think that should work!)

On Sunday 13 April 2008, mike wrote:

rewrite (.)PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000(.) /index.php last;

http://site.domain.tld/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
to be redirected to index.php

I tried:
rewrite PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 /index.php last;

Or subsets of this one, but it doesn’t seem to work. The rewrite doesn’t
seem to be processed when I access the page.

Has someone an idea of why the rule isn’t processed?

nginx rewrite uses only URL-path, not URL-path+query_string

to match against query_string use if directive

if ($query_string ~ “blabla”) {
return 403;
}

mike wrote:

rewrite (.)PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000(.) /index.php last;

(i think that should work!)

Unfortunately, no, it is not working, I already tried this. Even if I
use a subset, it doesn’t work, for example, even
rewrite PHPB8B5F2A0 /index.php last;
doesn’t work. I haven’t put ^ nor $, so it should match whatever place
in the request without needing any .*

Oops :slight_smile:

<- nginx newbie. Good to know!

Roxis wrote:

nginx rewrite uses only URL-path, not URL-path+query_string

to match against query_string use if directive

if ($query_string ~ “blabla”) {
return 403;
}

Thanks, it solved my problem. I was sure it was something easy.

Cliff W. wrote:

On Sun, 2008-04-13 at 10:14 +0200, Renaud Allard wrote:

Hello,

I am trying to wrote a rewrite rule to forbid the request of PHP easter
eggs.

Add this to php.ini:

expose_php = off

Thanks. It works when used on php sites I have control of.
However, this obviously doesn’t work on sites I just proxy. But this is
an info I can easily pass on sites I proxy for.

On Sun, 2008-04-13 at 10:14 +0200, Renaud Allard wrote:

Hello,

I am trying to wrote a rewrite rule to forbid the request of PHP easter
eggs.

Add this to php.ini:

expose_php = off

Regards,
Cliff

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs