@AITpro Admin
Thanks for your quick reply. Your new filter works very well.
As I used version .50.3, I replaced
RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\s+|%20+\s+|\s+%20+|\s+%20+\s+)HTTP(:/|/) [NC,OR]with
RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR]After that, 500 Errors have gone. Though I didn’t fix the font-face declaration itself, the errors by it have gone, too.
I read http://forum.ait-pro.com/forums/topic/security-log-file-size-exceeds-500kb-every-day/#post-3318. On the topic, he said the errors were given by IE8. In my case, they were by IE9, IE10 and IE11.
In general,
?#is not a good thing and is technically a malformed Query, but it is not really that dangerous to use.
Oh, really? I thought the behavior of your old filters was for blocking mal-QUERY_STRING. I don’t know about rewrite rules very well, so I was afraid of changing codes by myself. Then I came here.
I really appreciated your great plugin.