Attempting to trap the exploit hunters
I always thought that the first listed Apache virtual host would pick up all the waifs and strays, and when I was using a straight redirect, this seemed to be the case.
However, I am now trying to redirect to a bit of Perl that will read in the requested URI (as query string), do PTR and WHOIS lookups, record in a database, phone the Pentagon, etc. (See:
It isn't working, and I can't figure out why. When I try to make an illegal access, I just get:
Forbidden
You don't have permission to access /thisdoesnotexistahaha.php on this server.
…which would tend to indicate that the re-write simply isn't happening.
Relevant parts of Apache config:
NameVirtualHost *
#
# Catch and log stuff that shouldn't happen.
#
<virtualhost *="">ServerName lostsouls.xxxxxxx.xxxxxxx
ServerAdmin admin@xxxxxxx.xxxxxxx
ScriptAlias /lostsouls/ "/usr/www/lostsouls/"
RewriteEngine On
RewriteRule . /lostsouls/mwahahahaha$1 [L]</virtualhost>
<directory usr="" www="" lostsouls="">Order deny,allow
Allow from all</directory>
1 Reply
Just a thought.
--James