Some hacker has been annoying me today by succesfully altering my database with a certain type of DOM injection, using automated scripts.
I fixed my website, but on top of that I want to redirect future hacking attempts to a website. I have tried to search for suggestions, but cannot find any good websites which will either:
Simple example; I can block most of the SQL injections in .htaccess, and now my question is, which website do I send the traffic to?
RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
RewriteCond %{QUERY_STRING} (.*)(javascript)(.*) [NC,OR]
.... etc.
RewriteRule .* https://www.nsa.gov/? [L,R=301]
RewriteRule .* https://www.nsa.gov/? [L,R=301]
Don't bother trying to redirect the request, just block it with a 403 Forbidden (or 404).
No other site will want to receive these "hacker" requests.
The "hacker" (most probably a bot) probably won't follow the redirect anyway.
In other words, to send a 403, it's simply...
RewriteRule ^ - [F]
^ is more efficient than .* in this case, since .* must traverse the entire URL-path (matches everything), whereas ^ simply asserts the start-of-string (matches nothing, but successful for everything).
Or to return a 404, change F to R=404.