[Plugin: BulletProof Security] Extended characters in the URL are not accepted
-
Hello,
I noticed that after applying the secure main .htaccess file, my site would redirect to “Forbidden” if the URL query contains extended characters (from the HTTP point of view) like ă ț ș etc.
I did some mod_rewrite debugging and discovered that these characters trigger a certain rule:
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
Could you please tell me exactly what type of attack is this rule supposed to protect against? Please advise if it’s fairly safe to remove it.
Thank you,
Mihai
Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
- The topic ‘[Plugin: BulletProof Security] Extended characters in the URL are not accepted’ is closed to new replies.