Keeping Error Log Clean of Nimda Code Red

Adding these lines to your .htaccess helps keep the error log clean of the Nimda Code red virus attempts

Add the following to your .htaccess file located in /home/username/public_html/

Options -Indexes
redirect /scripts http://www.stoptheviruscold.invalid
redirect /MSADC http://www.stoptheviruscold.invalid
redirect /c http://www.stoptheviruscold.invalid
redirect /d http://www.stoptheviruscold.invalid
redirect /_mem_bin http://stoptheviruscold.invalid
redirect /msadc http://stoptheviruscold.invalid
RedirectMatch (.*)cmd.exe$ http://stoptheviruscold.invalid$1

Note 1: “Options -Indexes” prevents browsing of directories that have no default index document. (Most people don’t like visitors crawling around in image file directories, for example).

Note 2: Worms will still make entries in the access logs, but spotting real errors is easier when the error log is clean from “worm droppings”.

Nice article on this here:
http://www.webmasterbase.com/article/566