Can I use htaccess to deny certain non-existent directories to avoid going through my Drupal site?
January 2, 2009 12:12 PM Subscribe
Can I use htaccess to deny certain non-existent directories in order to avoid going through my Drupal site (which requires connecting to my database)?
posted by kosmonaut to Computers & Internet (7 answers total) 1 user marked this as a favorite
My Drupal site was hacked, though my content was not touched (which is why it went unnoticed for a while). I eventually noticed and cleaned up several extra directories that had had thousands of subdirectories with spammer linking content. The whole site is fresh and fixed but now I am getting a huge amount of 404 errors from all over the world, with people trying to access these old spam directories. In Drupal, each time this happens, the 404 page is generated and the 404 error is logged, which means accessing the database, which means my database is straining just to issue all of these 404 denials.
I just want a simple apache 404 page instead (but only for these spammer urls!).
The former pages and subdirectories were all contained within three base directories (I'll call them spam1, spam2, spam3), and so I would like to use htaccess to simply deny any request for (e.g.):
And any other permutation.
I don't know how to do this when the directories don't actually exist. That is, I can recreate an empty folder called "spam1" and deny mysite.com/spam1/ requests with Apache, but this wouldn't deny any of the thousands of subdirectories -- as I said, Drupal steps in and takes over the 404 duties when the directory does not exist.
Is there some way to do the kind of denial I want, to pre-empt Drupal and the database connections? I do not control the server so htaccess may be my most powerful option.
(Otherwise, maybe I have to reconfigure Drupal in some way?)