Forums

Reject Request

My apology if this is an seems like an ignorant question. Is it possible to set up WSGI or ngix on PA to just outright reject requests that contain '.ini', '.asp', '.php', '.mdb'?

deleted-user-586812 | 11 posts | Feb. 1, 2015, 3:24 a.m. | permalink

Unfortunately there isn't, but I'll add it to our list -- it would be nice if script kiddie's attempts to break into people's sites didn't pollute the access logs.

Staff giles | 12095 posts | PythonAnywhere staff | Feb. 1, 2015, 6:14 p.m. | permalink

Exactly the reason I posted. Here's a post that got me thinking.

https://groups.google.com/forum/#!topic/django-users/K_tC-sLgYjw

deleted-user-586812 | 11 posts | Feb. 1, 2015, 7:13 p.m. | permalink

Thanks, that's an interesting link!

Staff giles | 12095 posts | PythonAnywhere staff | Feb. 1, 2015, 7:15 p.m. | permalink