[mod-security-users] Re: Creating A rule for Search's
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Re: Creating A rule for Search's
|
From: David F. <Da...@me...> - 2004-07-23 09:08:19
|
Hi, Without using mod_security I have found a method that works for the SEARCH attacks - perhaps it is useful to people, even if not using mod_security. In the top level of httpd.conf add SetEnvIfNoCase Request_METHOD "^SEARCH" dontlog Use the following (on one line) to do the logging: CustomLog "|/usr/local/apache/bin/rotatelogs /usr/local/apache/logs/access_log 15M" combined env=!dontlog It would be better the disable to SEARCH method as well, but at least with these lines the access log files don't get too big. The error log still records a single line saying: request failed: URI too long (longer than 8190) so you can still tell what is going on. Cheers, David. -- --------------------------------------- Email david at megapico dot co dot uk --------------------------------------- |
