
Mar 18 2009

Filtering out gallery hack attempts

Published by pj under opensource

This week my virtual ran out of disk space. I had MySQL query logging enabled, and there was a distributed attack on the login and self-register modules of Gallery2.

Because I rarely log in through the admin interface and I have disabled user self-registration, I created this .htaccess filter to deny any requests to those modules. Keep in mind that if you want to log in yourself, you need to add a rewrite condition for your own IP:

RewriteEngine On
RewriteCond %{QUERY_STRING} g2_controller=core\.Logout [OR]
RewriteCond %{QUERY_STRING} g2_view=core\.UserAdmin&g2_subView=register\.UserSelfRegistration [OR]
RewriteCond %{QUERY_STRING} g2_view=core\.UserAdmin&g2_subView=core\.UserLogin
RewriteRule .* - [F]
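
The rewrite condition for your own IP mentioned above could look like this. This is an added example, not part of the original post, and 203.0.113.10 is a placeholder address to replace with your own.

```apache
# Added example; 203.0.113.10 is a placeholder (documentation range), not a real admin address.
RewriteEngine On

# Exempt one client address. This condition has no [OR] flag, so it is ANDed
# with the OR-group that follows: the request is denied only if the client is
# NOT this address AND the query string matches one of the blocked modules.
RewriteCond %{REMOTE_ADDR} !^203\.0\.113\.10$
RewriteCond %{QUERY_STRING} g2_controller=core\.Logout [OR]
RewriteCond %{QUERY_STRING} g2_view=core\.UserAdmin&g2_subView=register\.UserSelfRegistration [OR]
RewriteCond %{QUERY_STRING} g2_view=core\.UserAdmin&g2_subView=core\.UserLogin
# "-" leaves the URL unchanged; [F] answers 403 Forbidden before Gallery runs.
RewriteRule .* - [F]
```

If the site sits behind a reverse proxy, %{REMOTE_ADDR} is the proxy's address, so the exemption would apply to every client that comes through it. The two g2_view patterns only match when the parameters appear adjacent and in that order in the query string.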
