Home/ Questions/Q 9196923
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T21:57:26+00:00

I made a little mistake (I started a new php call within an existing

  • 0

I made a little mistake (I started a new php call within an existing php call – oops) and managed to have google start crawling a whole bunch of urls that look like this:

http://www.mydomain.com/folder/parameter/%3C/?php%20echo%20writelink();%20?%3E

I’ve fixed the sourcing call, but my attempts to have .htaccess rewite the page calls to

http://www.mydomain.com/folder/parameter/

have been unsuccessful.

I have tried the following:

RewriteRule  ^folder/(.*)/(.*)%(.*) /folder/$1/ [NE,R=301,L]
RewriteRule  ^folder/(.*)/(.*)3C/?php /folder/$1/ [R=301,L]
RewriteRule  ^folder/(.*)/(.*)writelink /folder/$1/ [R=301,L]
RewriteRule  ^folder/(.*)/([^/.]+)writelink /folder/$1/ [R=301,L]

But all of them are returning the same 403.
I have the test rewriterule as the first rewriterule in the file, so it isnt being usurped by something else.

(For reference, the correct rewriterule when I havent mucked up the page is
RewriteRule ^folder/(.*)/$ /content/element.php?param=$1 [L]
)

I’ve had problems with %ages in the path before but this time I’ve decided to defeat it – any suggestions?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your URL is something like this:

    http://www.mydomain.com/folder/parameter/</?php echo writelink(); ?> whithout the encoding.

    The 304 code does not really indicate an error, it indicates the resource for the requested URL has not changed since last accessed or cached. Clear your brower’s cache and make sure it is cleared.

    The error should be 403 (Forbidden) because of the initial character < (%3C).

    These errors make any rewrite rule at .htaccess useless. One way to handle this kind of problem is with a script.

    EXAMPLE

    Add these lines to your .htaccess file at root directory:

    Options +FollowSymlinks -MultiViews
ErrorDocument 403 /Error403.php

    Create Error403.php at root directory with a content similar to this one:

    <?php
// The following lines should be at the top of the file

/**************Only for Debugging**********************/
echo $_SERVER[ 'REDIRECT_QUERY_STRING' ] . "<br /><br />"; 
echo var_dump($_REQUEST) . "<br /><br />";
/*=====================================================
NOTE: A Header error might be generated while the above 
code is active. Use it only to display the incoming 
parameters and delete it for normal operation.
*******************************************************/

if ( isset ( $_SERVER[ 'REDIRECT_QUERY_STRING' ] ) ) {
  $QueryString = $_SERVER[ 'REDIRECT_QUERY_STRING' ]; // The query looks like this: php%20echo%20writelink();%20?%3E 

   // Check if it is the wrong URL
  if ( preg_match( '|php%20echo%20writelink()|i', $QueryString ) ) {
  header("Location: http://www.mydomain.com/folder/parameter/");
  }
}
   // Handle other errors
?>

    In this specific case we take advantage of the fact that the string contains a question mark ?, that makes it look like a query. So we try to match the query content with preg_match().

    That should do it. Modify the links accordingly if necessary, this is just an example on how to do it.

    • 0