Re: [mod-security-users] Webdav Exploit - What Rule To Catch?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Webdav Exploit - What Rule To Catch?
|
From: Ivan R. <iv...@we...> - 2004-03-31 20:22:27
|
> However, I am having difficulties capturing these Webdav > exploits before Apache sends a 414 error response. Those > "SEARCH" request methods are slipping by mod_security. > > ... > > Anyone having success at capturing Webdav exploits > using mod_security? I am sure there is something > I am overlooking in my configuration. I don't have the time to check right now but I'm pretty sure Apache rejects the request before mod_security gets to look at it. The same happens with TRACE. There's no way around it at the moment. I think you should be able to use mod_rewrite to detect and reject that request. -- ModSecurity (http://www.modsecurity.org) [ Open source IDS for Web applications ] |
