Re: [mod-security-users] Webdav Exploit - What Rule To Catch?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Webdav Exploit - What Rule To Catch?
|
From: Purl G. <pur...@pu...> - 2004-04-05 01:33:42
|
Ivan Ristic wrote: (snipped a lot) > > However, I am having difficulties capturing these Webdav > > exploits before Apache sends a 414 error response. Those > > "SEARCH" request methods are slipping by mod_security. > There's no way around it at the moment. I think > you should be able to use mod_rewrite to detect > and reject that request. For those following this topic, you will find a series of articles in the "alt.apache.configuration" newsgroup under my moniker, "Purl Gurl" along with others, "Rewriting Long URIs...." "Capture 414 Error...." I have submitted a bug report to apache on this problem with the Webdav exploit, nagoya.apache.org - bugzilla. It is bug report 28193 for those wanting to follow along. Thanks to Ivan for all his help and his great module. Already seeing log entries created by his module! Each one being someone trying to exploit our family server. Great work, Ivan! Kira |
