mod-rewrite solution for uuencoded urls

[danila437]

Dear All,
I am an webmaster (apache) with very little knowledege about mod-rewrite and limited experience of apache.
In the last period I observed that I got a lot of hits (checking the server stats) that displayed a 404 error message.
All of these urls look like uuencoded urls:
http://mysite.com%3fparam1=value1%26...6param4=value4 et, etc. which is the uuencoded of
http://mysite.com?param1=value1&para...&param4=value4.

I couldn't make apache understand the above UUencoded)URL. Maybe it's a simple solution I don't know about.
And I was thinking that. for sure, there must be a mod rewrite solution in order to make httpd accept a URL uuencoded url.
So, can somebody show me how to make a mod-rewrite script that translate uuencoded urls to normal url understandable by the server? (or maybe how to set the server to handle uuencoded urls).

Thank you in advance!

[dklynn]

dan,

http://mysite.com?param1=value1&para...&param4=value4 isn't a properly formatted URL. Did you create that (without the slash OR the script name) OR is this someone trying to hack your website?

Apache know how to deal with encoded characters and does it quite nicely both within and without mod_rewrite.

Personally, I'd either:

Tighten up my DirectoryIndex script's handling of key=value pairs 'cause you're being hacked

OR

Improve my coding of links.

Regards,

DK

[danila437]

Thank you so much for answering me David.
I don't exclude the fact to be hacked (though I'm doubting it).
Actually, I am confused by being told that this url is not good.
I just wanted to give you an example with 4 parameters (in fact I have about 5-6in the real case) but the url given as example was truncated by sitepoints.
I'll give you a shorter one with only 2 parameters hopely it will not ne truncated by sitepoint.
I meant that un my apache logs I found urls like
(1)http://mysite.com%3fparam1=value1%26param2=value2
or like
(2)http://mysite.com?param1=value1&param2=value2, but all that look like (1)
uuencoded have associated a 404 error code and all the others are ok.
And, indeed if I click (in the statistics log) the links looking like (1) I get always a 404 not found errors , the others are all good.
In the last months I got about 100K not found errors (404) from about 98k different URL, and that is strange for me also because a referring spammer would have concentrate on a few URLs (to get registered in the referral statistics) and would not spoof 90k different urls.
I started graduakky to get such errors since the beginning of December (now I looked back to track this strange behaviour).

I just made a trivial trial with another site of mine (I replaced "?" with "%3f"
with the same results.

Daniel

dan,

http://mysite.com?param1=value1&para...&param4=value4 isn't a properly formatted URL. Did you create that (without the slash OR the script name) OR is this someone trying to hack your website?

Apache know how to deal with encoded characters and does it quite nicely both within and without mod_rewrite.

Personally, I'd either:

Tighten up my DirectoryIndex script's handling of key=value pairs 'cause you're being hacked

OR

Improve my coding of links.

Regards,

DK

[dklynn]

dan,

Please forgive my being blunt (I'll blame the late hour) but you MUST learn about URLs and http://www.ietf.org/rfc/rfc2396.txt would be a GREAT place to start. Unfortunately, for you not to realize that

1. The domain name must be followed by a /

http://mysite.com?param1=value1&param2=value2 is invalid while http://mysite.com/?param1=value1&param2=value2 is valid - but ONLY because webservers can be told what the DirectoryIndex scripts are so that they will go fetch one, like index.php, and feed it the query string "param1=value1&param2=value2". In other words, this URL is really http://mysite.com/index.php?param1=value1&param2=value2

AND

2. The ? marks the END of the URI string and the beginning of the query string

"param1=value1&param2=value2" is the query string above as specified by the ? immediately preceeding it (the ? is just a marker (RESERVED CHARACTER) and has no other meaning - it simply canNOT be matched using any Apache variable).

makes it extremely difficult for anyone to teach you much in the way of mod_rewrite - except to say that mod_rewrite CAN help you but only after you learn some Internet basics.

Since you've not shown your attempts at mod_rewrite code, I'll bet that you're writing RewriteRule statements to match the content of the query string. Know that ONLY RewriteCond statements can do that.

The linked article above is rather "geeky" in its specifications for the content of URL, URI and URNs but understanding the URI is critical to those dealing with websites and moreso to those writing mod_rewrite code.

Regards,

DK

[danila437]

Dk,
Thanks again for the new tips!
I know very well what is a correct url.
When I wrote http://mysite.com?param1=value1 etc
I just wanted to simplify things instead of
http://mysite.com/dir1/dir2/dir3/the...?param1=value1 (and other 4-5parameters).

Actually ONLY ONE THING WOULD MADE ME HAPPY: just to translate the escape sequence "%3f" from the url to "?". This way, I would totally avoid the infamous error code 404 since the name of the file will be clearly delimited (the other parameters are not so important because my php file will assign default good values)

This is the mod-ewrite sequence I wrote and tested with little variations:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^(.+)(%3f)(.+)$
RewriteRule ^$ %1?%3 [L]

In php it worked finely.( I tested it- with the the mention that in the last line I had to use %
instead of &).

As I stated earlier it just wants to replace "%3f" with "?". Maybe the presence of '%' character can be a problem (in regex is not a reserved character anyway, but in mod-rewrite seems to be).

It looks apparently so easy but it dosen/t work in mod-rewirite which is so powerful.

Any hints to solve this (trivial now) problem would make me happy (I'm loosing 100K impression per month) !


Daniel

[dklynn]

Dan,

As explained before, the ? is simply a reserved character which you cannot access with any mod_rewrite code. I've BOLDed the bit above as a reminder/explanation.

As you're a newbie in the SP forums (please pardon my late acknowledgement and poor welcome), the solution is for you to include a / (as recommended above, i.e., http://mysite.com/?param1=value1&param2=value2) before the ? THEN use the following mod_rewrite code:

Code:

RewriteCond %{QUERY_STRING} ^([a-z0-9]+)=([a-z0-9]+)&([a-z0-9]+)=([a-z0-9]+)&([a-z0-9]+)=([a-z0-9]+)&([a-z0-9]+)=([a-z0-9]+)$
RewriteRule ^/?(index\.php|)$ someotherfile/%1/%2/%3/%4/%5/%6/%7/%8 [L]

Okay, that suffers greatly in the RewriteRule as I have NO IDEA what your DirectoryIndex file is OR what you want to do with the parameter/value pairs captured from the %{QUERY_STRING} variable.

I hope that makes up for the poor welcome as we (I) am here to help those who need help LEARNING.

Regards,

DK