On Fri, Sep 26, 2014 at 8:28 AM, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote:
Is there a simple test (similar to the 'basic bash' test'; posted everywhere)
that can be executed to determine whether an apache/cgi 'environment'
can be attacked? or do each of my CGI (perl) apps need checking...
It seems to me to be an apache/cgi environment issue, and not
a CGI app issue.
On Fri, Sep 26, 2014 at 01:19:29PM +0100, Gary Stainburn wrote:
> Is there any way to detect an attack within Apache and block it?
> I'm thinking of a rule or something to check the user-agent or equiv before
> calling the CGI or PHP etc.
> I'm looking to protect some old servers where BASH updates won't be
> forthcoming
You should be able to do this with mod_rewrite — at least if you can be
sure that none of the CGI variables should ever legitimately start with "(".
Use the RewriteCond and test for every one of those variables that come from
the user.
http://httpd.apache.org/docs/current/mod/mod_rewrite.html
There may be a better way, but that's what comes to mind.
Is there a simple test (similar to the 'basic bash' test'; posted everywhere)
that can be executed to determine whether an apache/cgi 'environment'
can be attacked? or do each of my CGI (perl) apps need checking...
It seems to me to be an apache/cgi environment issue, and not
a CGI app issue.
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
