Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Dispatcher Filters

Avatar

Level 5

Hi Team,

Instead of white listing whole /content/* in filter rule 1 in dispatcher.any.

many unmapped requests like /content/xyz/example/https://example.com can still land on publisher.

Is there any way to block any unmapped requests like /content/xyz/example/https://example.com.

Thanks,

Viki

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

HI Viki,

Absolutely, as you keep maintaining the application you see what visitors are trying to achieve. The more they try, the better your analysis is. The better results you achieve.

You can use standard Apache rewrite rules to kick out any unwanted visitors, here I'm showing forbidden.
RewriteRule ^content/xyz/example/[^/]+/https://example.com$ - [F]

Or it can come up as a more complicated rule that attempt to block all the cases:

RewriteRule ^content/xyz/example/[^/]+(?!mailto:)(?:(?:http|https|ftp)://)(?:\\S+(?::\\S*)?@)?(?:(?:(?:[1-9]\\d?|1\\d\\d|2[01]\\d|22[0-3])(?:\\.(?:1?\\d{1,2}|2[0-4]\\d|25[0-5])){2}(?:\\.(?:[0-9]\\d?|1\\d\\d|2[0-4]\\d|25[0-4]))|(?:(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)*(?:\\.(?:[a-z\\u00a1-\\uffff]{2,})))|localhost)(?::\\d{2,5})?(?:(/|\\?|#)[^\\s]*)?$ - [F]

However, no matter how hard you try the user will still win and unwanted requests will reach Publisher, if someone really tries.

Regards,

Peter

View solution in original post

2 Replies

Avatar

Correct answer by
Community Advisor

HI Viki,

Absolutely, as you keep maintaining the application you see what visitors are trying to achieve. The more they try, the better your analysis is. The better results you achieve.

You can use standard Apache rewrite rules to kick out any unwanted visitors, here I'm showing forbidden.
RewriteRule ^content/xyz/example/[^/]+/https://example.com$ - [F]

Or it can come up as a more complicated rule that attempt to block all the cases:

RewriteRule ^content/xyz/example/[^/]+(?!mailto:)(?:(?:http|https|ftp)://)(?:\\S+(?::\\S*)?@)?(?:(?:(?:[1-9]\\d?|1\\d\\d|2[01]\\d|22[0-3])(?:\\.(?:1?\\d{1,2}|2[0-4]\\d|25[0-5])){2}(?:\\.(?:[0-9]\\d?|1\\d\\d|2[0-4]\\d|25[0-4]))|(?:(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)*(?:\\.(?:[a-z\\u00a1-\\uffff]{2,})))|localhost)(?::\\d{2,5})?(?:(/|\\?|#)[^\\s]*)?$ - [F]

However, no matter how hard you try the user will still win and unwanted requests will reach Publisher, if someone really tries.

Regards,

Peter