Hello

I'm trying to block any incoming hits to this string:

[07/Aug/2016:00:56:14 +0300] "GET /?r=3
[07/Aug/2016:00:56:54 +0300] "POST /?r=3

there are other characters after 3 so i'll have to use a wildcard string.

based on a few hours of google search, i've found out that i can use an if directive, something like this:

<If "%{QUERY_STRING} =~ /?=r3*/">
Require all denied
</If>

but i think it's not written properly because if i add that to the virtualhost and restart, it crashes httpd:

AH00526: Syntax error on line 5 of /etc/apache2/sites-enabled/second.conf:
Cannot parse condition clause: Failed to compile regular expression
Action 'restart' failed.

also, i've seen that there is a way to use .htaccess with

RewriteCond %{REQUEST_URI}
RewriteRule

but i just can't understand how to write it so it uses a wildcard

if anyone can help, will be appreciated ;-)

thank you!

Hi,

You may try the following:
Regards

hello. thank you for your answer. i've added that to .htaccess, restarted apache and still getting hits

Check carefully.

try with

Are you sure that apache is indeed reading .htaccess files?
For this to happen you have to use the following inside the <Directory >..</Directory> stanza of your server DocumentRoot:
And btw there is no need to restart apache if you're editing a .htaccess file.

Regards

hello and thank you for your answers!

i added bathory's method to .htaccess and checked the access.log and still got hits but didn't think to actually try to reach the /?r=3 address myself and indeed, it gives a forbidden error, which is more that i could have asked for.

thank you so much!