Adobe Experience Manager Sites & More

sankarr26533925 · ‎23-11-2022

Valid URL
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001

Invalid URL going to AEM publisher.
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001/ALFA_DATA/alfacgiapi/perl.alfa
/content/govt/en/us/doctor/doctor-detail.html?doctorId=ss222-001/wp-plain.php

How to block invalid URL with query param contains extension(.alfa OR .php) on dispatcher ? Invalid URL need to redirect to error page.

arunpatidar · ‎23-11-2022

Hi,

You can remove those query param using apache rewrite rule

Example

RewriteEngine On
RewriteCond %{QUERY_STRING} ^doctorId=.*(.alfa|.php)$
RewriteCond %{REQUEST_URI} /doctor/doctor-detail\.html$
RewriteRule (.*) $0?

View solution in original post

arunpatidar · ‎23-11-2022

Hi,

You can remove those query param using apache rewrite rule

Example

RewriteEngine On
RewriteCond %{QUERY_STRING} ^doctorId=.*(.alfa|.php)$
RewriteCond %{REQUEST_URI} /doctor/doctor-detail\.html$
RewriteRule (.*) $0?

sankarr26533925 · ‎23-11-2022

Thanks @arunpatidar for your response. Multiple requests are coming from unknown ip(hacker). So We need to block the request and redirect to error page. Can we achieve it using filter section?

arunpatidar · ‎23-11-2022

I think, for that you have to use the DDoS protection.

But of you think, the query parameters are not required at backend, you can simply remove the query parameter from request propagation(example is above) so that cached page can be served.

Adobe Experience Manager Sites & More

How to block invalid URL with query param contains extension(.alfa OR .php) on dispatcher

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe