On Friday 26 September 2014 15:32:15 Fulko Hew wrote:
> On Fri, Sep 26, 2014 at 8:28 AM, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx>
>
> wrote:
> > On Fri, Sep 26, 2014 at 01:19:29PM +0100, Gary Stainburn wrote:
> > > Is there any way to detect an attack within Apache and block it?
> > > I'm thinking of a rule or something to check the user-agent or equiv
> >
> > before
> >
> > > calling the CGI or PHP etc.
> > > I'm looking to protect some old servers where BASH updates won't be
> > > forthcoming
> >
> > You should be able to do this with mod_rewrite -- at least if you can be
> > sure that none of the CGI variables should ever legitimately start with
> > "(".
> > Use the RewriteCond and test for every one of those variables that come
> > from
> > the user.
> > http://httpd.apache.org/docs/current/mod/mod_rewrite.html
> >
> > There may be a better way, but that's what comes to mind.
>
> Is there a simple test (similar to the 'basic bash' test'; posted
> everywhere)
> that can be executed to determine whether an apache/cgi 'environment'
> can be attacked? or do each of my CGI (perl) apps need checking...
>
> It seems to me to be an apache/cgi environment issue, and not
> a CGI app issue.
I've found the following page:
http://www.zdnet.com/shellshock-how-to-protect-your-unix-linux-and-mac-servers-7000034072/
which includes some rewrite rules. As I've never done rewrite rules before,
where would I put them?
--
Gary Stainburn
Group I.T. Manager
Ringways Garages
http://www.ringways.co.uk
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
