Removing Errors from our site - /includes/templates/classic/css/none

Although solving the problem will take some deep investigation you should be able to eliminate the errors by using:

Redirect Gone /includes/templates/classic/css/none

Put the above line in the main or top level .htaccess file.

Yes but if it s a probe that still results in leaking server information.

How so?

Do your physic powers tell you what kind of information is being provided by the Error pages for the OP's site?

Please do not look for fault in whatever is posted. The idea is to help and, without knowing everything, single, little, thing about how a person has their site setup and/or their current level of knowledge & experience with coding, we can only provide information / help based on the information provided.

No statistical probability, default configuration and 12 years experience all tell me that Error pages leak information as do headers. So a one liner that leaks less is a better course of action.

That is a non-answer.

Your 'one-liner' stills creates error entries whereas my 'one-liner' does not.

As to what someone has in their Error pages is and should be, up to them. It is each person's responsibility to determine or learn, what to put in an Error page and what not to.

No it is a correct answer, mine leaks less information reagrdless of circumstance and still allows requests to be tracked easily and in the same manner as the OP is going. It is my responsibility to ensure that when I advise someone I give the most appropriate advice, not to give an answer that I know could result in feeding a hacker with more information or pass the buck onto the OP. There's a common probe that appears in logs that looks for

Code:

---

"GET /thisdoesnotexistahaha.php HTTP/1.1" 404

---

which is straight from my logs, your advice feeds that bot, mine err, doesn't. :cool:

epsonprintersrock - try a search through a copy of all of your site for coding which is something like:

Code:

---

display: none;

---

Website Rob - you should know better. You've only been here for three and a half years helping people constructively.

Vger

Well my favourite advice from Website Rob so far has been

Quote:

---

## redirects any URL that includes: record_company.php/password_forgotten.php
RedirectMatch Permanent ^/(.*[record_company.php]+)/(password_forgotten.php)$ /page_not_found.php

## redirects any URL that includes: /images/wp- with 'wp-' being anything that ends with '.php'
## this allows for images named such as 'wp-header.jpg' to work
RedirectMatch Permanent ^/(.*[images]+)/(wp-.*\.php)$ /page_not_found.php

---

and indeed anything that goes to page not found, because it means that every single error for a hack attempt loads 170 files into memory and puts in 300 database queries, and that is why Rob appears to be following me around. So far the average bot attack on a server lasts minutes from multiple ip address (the maximum appearing to be 84 servers) doing 5 queries each, so let's quarter that number to 21 machine making 5 requests each, leading to 105 queries and 31500 database queries and the loading and processing of PHP 17850 pages to talk to a bot.

Yes Webiste Rob made a mistake, which is fair enough, anyone can, I have repeatedly in this thread, but I'm not going around disputing everything he says, in fact I posted my advice first and it is good solid advice.

Quote:

---

Originally Posted by MattyMatt

...
and indeed anything that goes to page not found, because it means that every single error for a hack attempt loads 170 files into memory and puts in 300 database queries, and that is why Rob appears to be following me around. So far the average bot attack on a server lasts minutes from multiple ip address (the maximum appearing to be 84 servers) doing 5 queries each, so let's quarter that number to 21 machine making 5 requests each, leading to 105 queries and 31500 database queries and the loading and processing of PHP 17850 pages to talk to a bot.

---

Ya ya ya ... that's about the 50th time you've said that same thing in the last 2 weeks. And most of the time, like this one, it's way off topic.
If you've got something constructive and specifically beneficial to help deal with the posted problem, share it. But if you want to start rabbit-trails, especially belaboring ideas that have already been mentioned ad nauseum, find some other place to do it.
Moaning about bots has its place. Try to keep it there, not splattered everywhere.

The point is that I am trying to help by saving server resources from bots and misplaced files if the shop owner uses the Zen cart file

extras/htaccess_for_page_not_found_redirects.htaccess

or Rob's code, there's already been an example on the forum where similar code has slowed a website down because of a misconstructed template file. I think the forum should be a place where problems are solved in the most appropriate way and should highlight issues that can optimize a website and improve the development of Zen Cart, no one is saying my code is incorrect, nor that it does not do what is advertised or for the reasons stated and yet persistently I find myself being followed by two individuals who seem bent on corrupting the advice, deliberately misconstruing my comments and by posting information that could be detrimental to a shop owner, because I pointed out that they were wrong when I was a "newbie" to the forum but not in this field.

Matt.