I have a folder structure on my website as follows:
/bin
/bin/home
/bin/home/home.php
index.php
.htaccess
In my .htaccess I route everything through to index.php, which works when you access the website traditionally. My problem is bots, they access home.php and so it fills my website with error_log files because that file is dependent on functionality from other scripts.
How can I stop the bots accessing anything other than index.php? Of course, I need my website to be able to include or require_once any PHP file on the server it needs.
This is my current Rewrite rule list:
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirect germany shop links to the new shop format
RewriteCond %{REQUEST_URI} ^/shop_germany/proddetail\.php$
RewriteCond %{QUERY_STRING} ^prod=([0-9]*)$
RewriteRule ^(.*)$ http://example.com/shop/product/%1? [R=permanent,L]
# Rediret old shop links to the new shop
RewriteCond %{REQUEST_URI} ^/shop_en/proddetail\.php$
RewriteCond %{QUERY_STRING} ^prod=([0-9]*)$
RewriteRule ^(.*)$ http://example.com/shop/product/%1? [R=permanent,L]
# Redirect all queries to SSL port 443
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Don't allow www.example.com, redirect to https://example.com
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
# Route everything via index.php
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?example.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|pdf)$ - [NC,F,L]
</IfModule>
