Hello,

On a blog I'm hosting, a stupid bot tries to send very long comments, but this idiotic software actually fails to do so and they end up as /page/x/?s= search queries. And when these reach the limit of above 512 characters, my wordpress blog engine goes mad and suddenly everyone seeing a page on which there was a search (the index page is unaffected) also gets the search query too.
Since a good number of people have this bug and sometimes it is "brought back" by visitors who come back after a while, there's no really a way to tell who's the bot in order to blacklist him.

I figured the solution would first lie with Suhosin, but precisely, Suhosin already sets a limit of 512 characters per query.
I suppose there's a relation with 512+ characters per query, but I can't dig deeper than that.

I have hopes for another method, how to resort to mod_rewrite to crop URLs that are, simply, too long.

And so am I here, with a question, do you think that a
Could do the job, and crop all URLs above 500 characters of length ?

Or would you see another way to use the mod_rewrite rules to achieve that result, pretty please with sugar on top ?

Thank you very much if you can help, I'll be grateful !

Hi,

If you want to nuke URLs and not only queries longer that 500 characters, you should replace the QUERY_STRING with REQUEST_URI.
Otherwise a URIL, like: /some-long-URI-with-more-than-500-chars?q=less-than-500-chars will pass.
And you have a slight error in your rule, so try this:
Regards

1 members found this post helpful.

Hi Bathory, and thanks !

EDITED (at first it didn't work, my Apache took some time to take the changes into account) : thank you very much, Bathory, your code corrections worked