How to block invalid URL with query param contains extension(.alfa OR .php) on dispatcher

Forum|Forum|3 years ago
November 23, 2022
1 reply
1893 views

Valid URL
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001

Invalid URL going to AEM publisher.
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001/ALFA_DATA/alfacgiapi/perl.alfa
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001/wp-plain.php

How to block invalid URL with query param contains extension(.alfa OR .php) on dispatcher ? Invalid URL need to redirect to error page.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by arunpatidar

Hi,

You can remove those query param using apache rewrite rule

Example

RewriteEngine On
RewriteCond %{QUERY_STRING} ^doctorId=.*(.alfa|.php)$
RewriteCond %{REQUEST_URI} /doctor/doctor-detail\.html$
RewriteRule (.*) $0?

arunpatidar

Accepted solution

Community Advisor

Hi,

You can remove those query param using apache rewrite rule

Example

RewriteEngine On
RewriteCond %{QUERY_STRING} ^doctorId=.*(.alfa|.php)$
RewriteCond %{REQUEST_URI} /doctor/doctor-detail\.html$
RewriteRule (.*) $0?

Arun Patidar

S

sankarr26533925Author

Level 3

Thanks @arunpatidar for your response. Multiple requests are coming from unknown ip(hacker). So We need to block the request and redirect to error page. Can we achieve it using filter section?

arunpatidar

Community Advisor

I think, for that you have to use the DDoS protection.

But of you think, the query parameters are not required at backend, you can simply remove the query parameter from request propagation(example is above) so that cached page can be served.

Arun Patidar

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded