On Fri, Sep 26, 2014 at 01:19:29PM +0100, Gary Stainburn wrote:
> Is there any way to detect an attack within Apache and block it?
> I'm thinking of a rule or something to check the user-agent or equiv before
> calling the CGI or PHP etc.
> I'm looking to protect some old servers where BASH updates won't be
> forthcoming
You should be able to do this with mod_rewrite — at least if you can be
sure that none of the CGI variables should ever legitimately start with "(".
Use the RewriteCond and test for every one of those variables that come from
the user.
http://httpd.apache.org/docs/current/mod/mod_rewrite.html
There may be a better way, but that's what comes to mind.
--
Matthew Miller
<mattdm@xxxxxxxxxxxxxxxxx>
Fedora Project Leader
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
