How to Prevent Requests with Invalid Characters Using htaccess file

You can use Mod_Rewrite to deny requests containing invalid characters,

RewriteEngine On 
RewriteBase / 
RewriteCond %{THE_REQUEST} !^[A-Z]{3,9}\ [a-zA-Z0-9\.\+_/\-\?\=\&]+\ HTTP/ [NC] 
RewriteRule .* - [F,NS,L] 

You can also Employ Basic URL Spelling Check to auto-correct simple spelling errors in the URL.

# automatically corect simple speling erors
<IfModule mod_speling.c>
 CheckSpelling On
</IfModule>

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.