Re: Rejecting Invalid URL With a 503 Status

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jun 13, 2008 at 3:40 PM, Merton Campbell Crockett
<m.c.crockett@xxxxxxxxxxxxxx> wrote:

> Basically, I'm tired of the bullshit.  I don't want to spend my life filling
> out forms explaining to those that haven't a clue that their "vulnerability"
> is a false positive.  I want to configure Apache to reject all requests that
> cannot possibly be supported by the collaboration tool.

Ok. Sounds like a tough life ;-)

Something as simple as this might work (although I haven't tested it):

<Location />
Order Deny,Allow
Deny from all
</Location>

<Location /letmein>
Order Deny,Allow
Allow from all
</Location>

This will get you 403 rather than 503.

Otherwise, mod_rewrite could certainly be used. If you want the
uber-powerful approach, mod_security can also do stuff like this.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux