Hi there!
I am totally new to the security field.
I have a simple PHP script that tracks my users' activities:
Code:
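// The Referer header is optional and fully client-controlled
$ref=isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$ip=$_SERVER['REMOTE_ADDR'];
$page=$_SERVER['REQUEST_URI'];
include("etc/config.mysql.php");
// $sid (the session id) is assumed to be set earlier in the script
$conn_visits=mysqli_connect($mysql_hostname,$mysql_username,$mysql_password,$mysql_db) or die (mysqli_connect_error());
// Prepared statement: request data is bound as parameters, never concatenated into the SQL
$stmt=mysqli_prepare($conn_visits,"INSERT INTO `visits` (`id` ,`ip` ,`session`, `page`,`referer` ,`date`) VALUES ( '' , ?, ?, ?, ?,  CURRENT_TIMESTAMP)") or die (mysqli_error($conn_visits));
mysqli_stmt_bind_param($stmt,'ssss',$ip,$sid,$page,$ref);
mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
mysqli_stmt_close($stmt);
mysqli_close($conn_visits) or die (mysqli_error($conn_visits));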

I noticed that a user tried to load this page: /index.php?dir=../../../../../../../../../../../../..//proc/self/environ%0000

Code:
2012-04-15 07:34:26 103.29.196.12 c4ca4bf185f588f6b739952f4f6d15e9  /blog/2012/03/16/index.php?dir=../../../../../../../../../../../../..//proc/self/environ%0000
2012-04-15 07:34:22 103.29.196.12 b302b847e98edd619b0fd520b95ce69a  /index.php?dir=../../../../../../../../../../../../..//proc/self/environ%0000
By googling I realised it was an attempt to view private system information, called a "directory traversal attack".

My question is, can I prevent this by setting a mod_rewrite instruction to redirect to a given URL all URLs containing "../../"?
Thank you

o.
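
The tracking script in the post already sees every REQUEST_URI, so it can flag requests like the two in the log. The following is an added example, not part of the original post; the function names `normalise_uri` and `traversal_indicators` are hypothetical and the last three sample URIs are constructed. It percent-decodes before matching, because a literal "../" comparison only sees one spelling of the sequence.

```php
<?php
// Added example: names below are hypothetical, not from the original script.

// Percent-decode a bounded number of times so that single- and
// double-encoded input is compared in the same form.
function normalise_uri($uri, $maxRounds = 3)
{
    for ($i = 0; $i < $maxRounds; $i++) {
        $decoded = rawurldecode($uri);
        if ($decoded === $uri) {
            break;
        }
        $uri = $decoded;
    }
    return str_replace('\\', '/', $uri); // treat backslash as a separator
}

// Return the reasons a request URI looks like directory traversal
// (an empty array means nothing was found).
function traversal_indicators($uri)
{
    $n = normalise_uri($uri);
    $reasons = [];
    if (strpos($n, "\0") !== false) {
        $reasons[] = 'null byte';
    }
    // ".." as a whole path segment, e.g. "dir=../" or "/../", not "v1..2"
    if (preg_match('#(^|[/=?&])\.\.(/|$)#', $n) === 1) {
        $reasons[] = 'dot-dot segment';
    }
    if (strpos($n, '/proc/self/') !== false) {
        $reasons[] = '/proc/self path';
    }
    return $reasons;
}

$samples = [
    // the two URIs from the log in the post
    '/blog/2012/03/16/index.php?dir=../../../../../../../../../../../../..//proc/self/environ%0000',
    '/index.php?dir=../../../../../../../../../../../../..//proc/self/environ%0000',
    // constructed samples
    '/index.php?dir=%2e%2e%2f%2e%2e%2fconfig',
    '/blog/2012/03/16/index.php',
    '/downloads/v1..2/notes.txt',
];
foreach ($samples as $uri) {
    $hits = traversal_indicators($uri);
    echo ($hits ? 'FLAG  ' : 'ok    ') . $uri . '  [' . implode(', ', $hits) . "]\n";
}
```

Flagging a request this way only records the attempt; whether it can succeed depends on how `index.php` handles the `dir` parameter, which the post does not show.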