Support » Plugin: W3 Total Cache » Better Skip 404 error handling by WordPress

  • I have been studying incoming requests to our website, many from bots towards non-existent files. This of course creates a heavy burden on the server if all requests have to be handled by WP. Therefore, I wanted to mitigate this effect by applying “W3TC Skip 404 error handling by WordPress for static files”.

    There are two issues I found with the current rule set:

    A) The request is still forwarded to WP if the folder path of the non-existent file does not exist. This is critical IMO, because many bots are hammering file paths that don’t exist. Why not have this covered by the rule also?

    B) Many bots trigger all kinds of extensions that don’t exist in the rule, trying to find vulnerabilities, for example .phpbak .asp .php .opts .tog. I don’t see any reason why a non-existent filetype of any kind should not bypass being handled by WP.

    To solve these issues, I have the current rule:
    RewriteCond %{REQUEST_URI} \.(.+)$ [NC]

    Instead of using REQUEST_FILENAME, changed to REQUEST_URI so that it intercepts the path even if it doesn’t exist. Also, I removed all the separate rules, and just added .(.+) to intercept ALL files that do not exist. I don’t see why anyone would want ANY file requests that do not exist to be processed by WP, which causes excessive processing.

    The above rule would affect those who use punctuation in their urls, or are using other rules for requests with punctuation. For example this /will.break/. I’m sure it can be improved, but essentially it seems a more effective rule.

    https://wordpress.org/plugins/w3-total-cache/

  • The topic ‘Better Skip 404 error handling by WordPress’ is closed to new replies.