Hi,
I had broken link emails enabled for a while. Over time, my nginx.conf
config grew into this:
location /_vti_inf.html { return 404; }
location /crossdomain.xml { return 404; }
location ~/cache/eb91756ae6745d22433f80be4ec59445$ { return 404; } #
some sort of plugin?
location ~\.php$ { return 444; }
location ~\.aspx?$ { return 444; }
location /account/submit/add-blog { return 444; }
location /blogs/my_page/add { return 444; }
location /my_blogs { return 444; }
location /YaBB { return 444; }
location /signup { return 444; }
location /register { return 444; }
location /user/register { return 444; }
location /member/register { return 444; }
location /forum/member/register { return 444; }
location /tools/quicklogin.one { return 444; }
location /mt.js { return 444; }
location ~\[PLM=0\] { return 444; }
I eventually just turned of the 404 emails and was able to delete all of
that config :)
Actually, if you put an <img src="/report_broken_link/"> (or do a similar
request with ajax) on your 404 page, that would filter out a lot of spam.
Collin
On Wednesday, January 21, 2015 at 3:32:15 AM UTC-5, hinnack wrote:
>
> Hi,
> thanks for your reply.
> Blocking all requests in Apache seems to be the best way. Can you give an
> example how to do that?
> As / is mapped to the wsgi app (
> https://docs.djangoproject.com/en/1.7/howto/deployment/wsgi/modwsgi/ )
> and a new files section does not the trick:
>
> <Files ~ "^.*\.([Pp][Hh][Pp])$"> #PHP protection
>
> order allow,deny
>
> deny from all
>
> satisfy all
>
> </Files>
>
>
> Am Dienstag, 20. Januar 2015 12:55:40 UTC+1 schrieb hinnack:
>>
>> Hi,
>>
>> I get a lot of intrusion checks on my website - especially for PHP
>> (wordpress, joomla, …).
>> Today they all raise a 404 errors in python-django - so if you have
>> emails enabled for 404 errors…
>>
>> What is the best way to block those requests in a standard apache
>> deployment?
>> ( https://docs.djangoproject.com/en/1.7/howto/deployment/wsgi/modwsgi/ )
>>
>> regards
>>
>> Hinnack
>>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/c79c99b7-ff19-4785-b6fb-d12786876e5a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
