Avoid beeing flooded by invalid requests

diff --git a/index.php b/index.php
index 19b85b935601077fe8ab8e1a6d0ad6fc3951d702..faa86575eb85285e4efdb360c282c9a122104f90 100644 (file)
--- a/index.php
+++ b/index.php
@@ -48,6 +48,10 @@ if ($a->isMaxProcessesReached() || $a->isMaxLoadReached()) {
        System::httpExit(503, ['title' => 'Error 503 - Service Temporarily Unavailable', 'description' => 'System is currently overloaded. Please try again later.']);
 }
 
+if (strstr($a->query_string, '.well-known/host-meta') and ($a->query_string != '.well-known/host-meta')) {
+       System::httpExit(404);
+}
+
 if (!$a->getMode()->isInstall()) {
        if (Config::get('system', 'force_ssl') && ($a->get_scheme() == "http")
                && (intval(Config::get('system', 'ssl_policy')) == SSL_POLICY_FULL)

diff --git a/mod/xrd.php b/mod/xrd.php
index 6a5fdbbdb9257b78476789762bd99b5774fa25ab..921d48fe93708cddf1c66280207cadc5baf6734a 100644 (file)
--- a/mod/xrd.php
+++ b/mod/xrd.php
@@ -13,7 +13,7 @@ function xrd_init(App $a)
 {
        if ($a->argv[0] == 'xrd') {
                if (empty($_GET['uri'])) {
-                       killme();
+                       System::httpExit(404);
                }
 
                $uri = urldecode(notags(trim($_GET['uri'])));
@@ -24,7 +24,7 @@ function xrd_init(App $a)
                }
        } else {
                if (empty($_GET['resource'])) {
-                       killme();
+                       System::httpExit(404);
                }
 
                $uri = urldecode(notags(trim($_GET['resource'])));
@@ -48,7 +48,7 @@ function xrd_init(App $a)
 
        $user = DBA::selectFirst('user', [], ['nickname' => $name]);
        if (!DBA::isResult($user)) {
-               killme();
+               System::httpExit(404);
        }
 
        $profile_url = System::baseUrl().'/profile/'.$user['nickname'];