Results 1 to 4 of 4
Let's say there's some kind of exploit that involves an HTTP query
made against a certain script. For argument sake, /badscript.php
On a server with a lot of VirtualHosts, is ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 10-14-2010 #1Banned
- Join Date
- Dec 2002
- Location
- Texas
- Posts
- 242
Block HTTP query globally in Apache
Let's say there's some kind of exploit that involves an HTTP query
made against a certain script. For argument sake, /badscript.php
On a server with a lot of VirtualHosts, is there any way to globally
block any/all "/badscript.php" requests across all of the websites?
- 10-14-2010 #2Trusted Penguin
- Join Date
- May 2009
- Location
- Munich
- Posts
- 2,982
I believe not, because directly after the http connection is opened,
apache decides on the virtualhost based on the query and therefore the config there counts.
Two ways,
1) inject something like
in your apache config in each virtual host via e.g. sedCode:RewriteEngine on RewriteRule ^/badscript.php - [F]
2) why not just delete badscript.php?
Code:find /<PATH_TO_YOUR_DOCROOTS> -type f -name "badscript.php" -delete
You must always face the curtain with a bow.
- 10-14-2010 #3Trusted Penguin
- Join Date
- May 2009
- Location
- Munich
- Posts
- 2,982
3) try to block only the malicious query string via an appropiate RewriteCond/RewriteRule
Needless to say, this is not encouraged from a technical point of view.
(So be careful not to mention it to business
)
You must always face the curtain with a bow.
- 10-14-2010 #4Just Joined!
- Join Date
- Oct 2010
- Posts
- 10
This is only 15 minute solution, what if there is /badscript4.php etc.? Just delete it.
Originally Posted by thehemi 
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
