LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 07-20-2007, 03:13 AM   #1
wanna13e
Member
 
Registered: Apr 2006
Posts: 45

Rep: Reputation: 15
How to config apache 2.0 ignore request with specified file extension?


Hi All Gurus,

How do I configure apache to ignore user trying to get file extension like dll, asp and other files from webserver?

Below is a example of the log I get in my error log.

[Fri Jul 20 15:59:34 2007] [error] [client 202.156.13.3] File does not exist: /www/www.yellowpages.com.sg/_vti_bin/owssvr.dll
[Fri Jul 20 15:22:08 2007] [error] [client 219.74.242.72] File does not exist: /www/www.yellowpages.com.sg/MSOffice/cltreq.asp
[Fri Jul 20 15:05:15 2007] [error] [client 199.41.197.24] File does not exist: /www/www.yellowpages.com.sg/_vti_bin/owssvr.dll




Thanks amillion in advance.
 
Old 07-21-2007, 09:27 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,909

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
You can use the apache "conditional logging" feature. I.e. in your config file use something like:
Code:
SetEnvIf Request_URI "(\.dll|\.asp)$" dontlog
CustomLog logs/access_log common env=!dontlog
I don't think you can use the same trick for ErrorLog though.

Another way to go is to create a script (using sed perhaps) that deletes the lines containing the extensions you don't want to log and use the "piped logging" feature of apache. This can be used either for CustomLog and ErrorLog.
You can read more here.

Regards
 
Old 07-22-2007, 04:43 AM   #3
wanna13e
Member
 
Registered: Apr 2006
Posts: 45

Original Poster
Rep: Reputation: 15
Thanks alot bathory.

Quote:
Originally Posted by bathory
You can use the apache "conditional logging" feature. I.e. in your config file use something like:
Code:
SetEnvIf Request_URI "(\.dll|\.asp)$" dontlog
CustomLog logs/access_log common env=!dontlog
I don't think you can use the same trick for ErrorLog though.

Another way to go is to create a script (using sed perhaps) that deletes the lines containing the extensions you don't want to log and use the "piped logging" feature of apache. This can be used either for CustomLog and ErrorLog.
You can read more here.

Regards

Can I know how can apache skip or don't service this kind of request from public?
 
Old 07-22-2007, 09:16 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,909

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Quote:
Can I know how can apache skip or don't service this kind of request from public?
I don't understand what you mean by that. You want apache to deny access to these files from internet and allow it from your LAN? These files are IIS files, so you don't care if someone asks for them since they don't exist in apache.
Anyway if you want to deny access to these file extensions (by IP) you can use the "Files" directive either in .htaccess, or in your .conf file (even inside a <Directory>..</Directory> section):
Code:
<Files ~ "\.(dll|asp)$">
  order allow,deny
  deny from all
  allow from 192.168.0.
</Files>
 
Old 07-22-2007, 08:20 PM   #5
wanna13e
Member
 
Registered: Apr 2006
Posts: 45

Original Poster
Rep: Reputation: 15
Thanks amillion bathory

Quote:
Originally Posted by bathory
I don't understand what you mean by that. You want apache to deny access to these files from internet and allow it from your LAN? These files are IIS files, so you don't care if someone asks for them since they don't exist in apache.
Anyway if you want to deny access to these file extensions (by IP) you can use the "Files" directive either in .htaccess, or in your .conf file (even inside a <Directory>..</Directory> section):
Code:
<Files ~ "\.(dll|asp)$">
  order allow,deny
  deny from all
  allow from 192.168.0.
</Files>

Sorry for my language here. You did answer my question here. Thanks amillion.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux file extension vs Dos file Extension? manaa Linux - Newbie 6 02-12-2009 04:19 PM
limit Apache WebDAV uploads by file extension ahz10 Linux - Networking 0 04-25-2006 10:35 AM
Where is the config file for apache linuxmandrake Linux - Software 2 09-15-2004 05:35 PM
Where is the apache config file when installed off drake CD? mindstormsguy Linux - Software 2 10-24-2003 05:09 PM
Request for http.conf file for Apache 1.3.26 Thinkgeekness Linux - Software 2 04-19-2003 12:58 AM


All times are GMT -5. The time now is 11:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration