2011/12/13 Jean-François Bilodeau <jfbilodeau [ at ] chronogears [ dot ] com> > May I recommend that instead of banning, you close the security hole? > Disable whatever is allowing content access via ?xxx=. > > Doesn't that mean stopping apache? I am not a web developer of any means, but I think you can pass a ?xxx= request to index.html. Since the .html is not dynamic, it will just ignore the ?xxx= part. -Bart