An .htaccess features a set of rules to reject some ill formed urls as eg :
RewriteCond %{QUERY_STRING} (select|\/\*\*\/) [NC]
RewriteRule ^ - [F,L]
How can i get a log of all rejected urls ?
Or how can i best log efficiently or temporily these rejected urls ?
[EDIT with more context :] My site sometimes goes down due to excesses of hackerbots attempts to find a way into it. To avoid that i have setup some rules in the .htaccess that reject the most common patterns found in hackerbots urls. This works fine, or at least it looks like it works fine. I now wish to (once every some time) check whether
So as to do so, I could build a script that applies the exact same rules (taken from the htaccess) to the apache access.logs that contain all requests. But it would require to sync the script everytime i update the htaccess. Hence, i wish to know if there is a setting or a "good" way to log all-and-only htaccess-rejected urls.
As @arkascha mentionned it, apache's handling status for each request is stated in apache's access.log So best is to get it from there.