Robert,
- Am I being to paranoid by doing this? My logic is they dont belong here and I could get mad if someone walked up to my apartment and tried jiggling the door handle to see if it was unlocked.
Well, yes. There is a simplier way -- Apache does have an 'error page' handler, where you can customize your 404 page or how Apache responds to a 'page not found' error. Doing the redirect is not really going to solve anything anyway. Most (all?) of these accesses are from a program -- a kind of 'bad' robot, which is probably going to ignore the 301 status and come to the conclusion that these URIs are actually working and report success to its (human) master. That will open you up for more (automated) attacks and/or piss off the human hacker, who will just come up with more and nastier attacks or maybe just launch a dos attack for spite. You are better off just letting Apache handle these as 404. Imagine you have a storefront and people come by after hours and see the lights off and the closed sign -- people will go away and come back later. Imagine that the lights are on and there is no closed sign, and instead you have some poor clerk there answering the door telling people to go away. That is likely to cause more trouble, since people will just come back in 5-10 minutes and ask if the store is open now. Or worse, wait around until there is some indication that the store is open.
This is a good analogy. It does open up more to stating: "Damn'd if you do, damn'd if you dont".
- Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect.
Question: are you using virtual hosts? If so, they the 'visitors' are either NOT sending HTTP 1.1 headers or not using the virtual host name.
Yes, I am and I have a few domains on this box. Each <virtual> has an include to a file that stores my rewrite rules so I just maintain them in a single place.
-Jason