Home/ Questions/Q 6545281
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T11:34:00+00:00

My wordpress has the following .htacess file : # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine

  • 0

My wordpress has the following .htacess file :

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.php /index.php [L,R=404]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

I have been recently seeing these URLs in error.log

[Wed Aug 31 04:02:28 2011] [error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:02:32 2011] [error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:02:32 2011] [error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:02:32 2011] [error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:02:32 2011] [error] [client 69.162.74.102] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:19:40 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:19:42 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:19:42 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:19:42 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 04:19:42 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 08:53:30 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 08:53:32 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 08:53:32 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 08:53:32 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 08:53:32 2011] [error] [client 67.205.102.172] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 10:30:24 2011] [error] [client 124.124.204.58] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 10:31:12 2011] [error] [client 124.124.204.58] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 10:31:12 2011] [error] [client 124.124.204.58] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 10:31:12 2011] [error] [client 124.124.204.58] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Wed Aug 31 10:31:12 2011] [error] [client 124.124.204.58] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)

Problem is every time this URL hits our server it goes to WordPress (see .htaccess rules) which scans the db for pages matching this. This is causing an unnecessary spike on the server which is causing apache to segfault.

How can i prevent this URL from hitting Wp?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The F flag sends a 403 Forbidden response when the rule matches:

    RewriteRule /w00tw00t\.at\.ISC\.SANS\.DFind - [F]

    Add this just after RewriteBase /.

    BTW the [error] client sent HTTP/1.1 request without hostname errors suggest that apache is replying with a 400 Bad request status and these requests don’t even hit wordpress.

    • 0