My apache server is visited with \ (backslashes) in URLs such as http://myhost.org/this\is\a\hacker\attempt.html According

Question

0

Asked: June 14, 20262026-06-14T20:17:28+00:00 2026-06-14T20:17:28+00:00

My apache server is visited with \ (backslashes) in URLs such as http://myhost.org/this\is\a\hacker\attempt.html According

0

My apache server is visited with \ (backslashes) in URLs such as

http://myhost.org/this\is\a\hacker\attempt.html

According to RFC 2396, section 2.4.3 the \ character in URLs are not allowed (%5C should be used instead) . For that reason I would like to configure apache to respond 400 Bad Request every time such character is in the request URL.

How can I configure apache to do that? Can I use mod_rewrite for that?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-14T20:17:29+00:00

Editorial Team

2026-06-14T20:17:29+00:00Added an answer on June 14, 2026 at 8:17 pm

There is a more general question over at serverfault which contains the answer for this question: https://serverfault.com/questions/451521/how-can-i-configure-apache-to-respond-400-when-request-contains-an-invalid-byte

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My apache server is visited with \ (backslashes) in URLs such as http://myhost.org/this\is\a\hacker\attempt.html According

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply