using the 1.1 beta

in .htaccess:

RewriteEngine on

# If denied access to error page forward
ErrorDocument 403 /ex/forbid.php

# Redirect when accessing /.
RewriteRule ^[^?]*/.[^.] /ex/forbid.php

# Redirect when accessing or using & #
RewriteRule & /ex/forbid.php
RewriteRule # /ex/forbid.php

# Exploits filter
RewriteCond %{THE_REQUEST} "^((GET|POST|HEAD) [^/]|CONNECT)" [NC]
RewriteRule .* /ex/forbid.php [L]

so... i expect that when i try to access anything that results in a 403, i will be directed to /ex/forbid.php (and banned) yes?

however, i just tested this today and this is not happening. i'm just being redirected to a generic 403 document. i do not recall if i tested at the time i installed Spider Trap, but i assume i would have.

» so... i expect that when i try to access anything that results in a 403, i
» will be directed to /ex/forbid.php (and banned) yes?

yes - but this rules are not neccessary for the spider trap.
You can delete it. It is only an additiion function to ban exploids


best regards
Tom

Suche noch Programmierer für das Spider Trap Team, die mir helfen die Software weiterzuentwickeln.

» » so... i expect that when i try to access anything that results in a 403,
» i will be directed to /ex/forbid.php (and banned) yes?
»
» yes - but this rules are not neccessary for the spider trap.
» You can delete it. It is only an additiion function to ban exploids

still not working. this is not a problem with Spider Trap i assume, but something else. it's just a simple redirect, but it won't work for some reason. strange, because other redirects are working.

more details...

.htaccess:

----------------

<Files .htaccess>
order allow,deny
deny from all
</Files>

AddType application/x-httpd-php5 .htm .html

# ErrorDocument 403 /errordocs/403.shtml

RewriteEngine on

# If denied access to error page forward
ErrorDocument 403 /ex/forbid.php

# Redirect when accessing /.
#RewriteRule ^[^?]*/.[^.] /ex/forbid.php

# Redirect when accessing or using & #
#RewriteRule &amp; /ex/forbid.php
#RewriteRule # /ex/forbid.php

# Exploits filter
#RewriteCond %{THE_REQUEST} "^((GET|POST|HEAD) [^/]|CONNECT)" [NC]
#RewriteRule .* /ex/forbid.php [L]

-------------

.htaccess file permissions are 744 (works same as 777)
Spider Trap is in /ex/ directory - all file permissions correct

so when i test it by going to /cgi-bin/ i get a generic 403 instead of being redirected to /ex/forbid.php

if i go to the /ex/ directory, Spider Trap works as it should.

so... to get it working, i did...

ErrorDocument 403 /errordocs/403.shtml

and then made a redirect rule to direct /errordocs/403.shtml > /ex/index.php

your .htacces seem to be okay


» if i go to the /ex/ directory, Spider Trap works as it should.
»
» so... to get it working, i did...
»
» ErrorDocument 403 /errordocs/403.shtml
»
» and then made a redirect rule to direct /errordocs/403.shtml >
» /ex/index.

hm okay nice workaround and should work, but i don't understand why the errorDocument rule with the spider trap path not working

Is in cgi-bin also an htaccess with errordocument settings ?

best regards
Tom

Suche noch Programmierer für das Spider Trap Team, die mir helfen die Software weiterzuentwickeln.

i just checked and there's no .htaccess in cgi-bin, which makes me wonder why i was being redirected to a generic 403 at all, unless the host has apache configured to do that or something.

also tried this:

#ErrorDocument 403 /errordocs/403.shtml
#ErrorDocument 403 /ex/forbid.php
ErrorDocument 403 /ex/index.php

RewriteEngine on

# Used for Spider Trap, shouldn't be needed but won't work otherwise
#RewriteCond %{HTTP_HOST} ^0daynews.org$ [OR]
#RewriteCond %{HTTP_HOST} ^www.0daynews.org$
#RewriteRule ^errordocs/403.shtml$ "http://0daynews.org/ex/index.php" [R=301,L]

but this sends me in a redirect loop with address:

/cgi-bin/forbid.php

so i tried same as above except:

ErrorDocument 403 /ex/forbid.php
#ErrorDocument 403 /ex/index.php

# Used for Spider Trap, shouldn't be needed but won't work otherwise
#RewriteCond %{HTTP_HOST} ^0daynews.org$ [OR]
#RewriteCond %{HTTP_HOST} ^www.0daynews.org$
#RewriteRule ^errordocs/403.shtml$ "http://0daynews.org/ex/index.php" [R=301,L]

which is what i tried before, as posted earlier. it worked exactly ONCE (banned me), then resulted in a generic 404 every time thereafter

i tried changing permissions on index and forbid, but this didn't help. both are 644 currently.