Hi I'm not going to pretend I know mod_rewrite, but I spent some time with the docs and thought you could use the grouping info to replace with what you matched: (.*)(;[0-9]*\?) $1 (.*)(;[0-9]*$) $1 (I wrote two rules as I'm uncertain how the | binds) Alternatively this passage from the docs might provide an alternative solution: <snip> Additionally you can set special flags for Substitution by appending [flags] as the third argument to the RewriteRule directive. Flags is a comma-separated list of the following flags: <...> - *||*'forbidden|F' (force URL to be forbidden) This forces the current URL to be forbidden, i.e., it immediately sends back a HTTP response of 403 (FORBIDDEN). Use this flag in conjunction with appropriate RewriteConds to conditionally block some URLs. </snip> Then you could at least avoid people reading the source. /Pontus. Sampsa Laine wrote: Dennis, I've got the rule down to: RewriteRule (;[0-9]*\?)|(;[0-9]*$) / but this is not ideal, as I don't really want to replace the ; with a /, just drop it but can't figure out the syntax for "replace with nothing". Any ideas? Sampsa On 21 Sep 2009, at 22:12, Dennis Boone wrote: Yes, I have reported it to VMS engineering in India about an hour ago (well I assume in India, the guys had subcontinent accents) and they said they'd get back to me. In the meantime, if CSWS has mod_rewrite, you might be able to produce a temporary fix in the form of a rewrite rule that rips the ;* off the end[1] of .php urls. [1] Well, ok, might be the middle too, if it's a GET with parameters, but that's just a slightly more involved pattern. De