Re: [mod-security-users] info disclosure on deny
From: Ryan B. <rcb...@gm...> - 2006-01-30 22:11:48
Add in "ServerSignature Off" to the httpd.conf file to remove that footer message from error pages..

--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor: Securing Apache
GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

On 1/30/06, kiran k <kir...@ya...> wrote:
>
> Thanks, I should have paid more attention on error string duh..
>
> I was able to monitor server script, for deny I get forbidden page with
> (Apache/2.0.55 (Unix) Server at 192.168.1.10 Port 80), I would like to
> avoid this, is there any thing else other than deny:redirect so that it
> just shows it blocked no more info about apache version. Thanks,
>
> *Alon Agmon <aa...@we...>* wrote:
>
> Hi,
> Mod_proxy should be used as:
>
> ProxyPass / http://192.168.1.30/
> ProxyPassReverse / http://192.168.1.30/
>
> Note the last slash.
>
> ------------------------------
> *From:* mod...@li... [mailto:mod...@li...] *On Behalf Of* kiran k
> *Sent:* Monday, January 30, 2006 7:02 AM
> *To:* mod...@li...
> *Subject:* [mod-security-users] as reverse proxy
>
> Hi:
>
> I set it up exactly as described in the article. Basic test went fine, ie
> when I access http:192.168.1.10 (which is proxy), it went to 192.168.1.30.
>
> When I try access server scripts (ie
> http://192.168.1.10/cgi-bin/modsec-test.pl) I get proxy error, like below.
> What is missing ? Why DNS lookup for ipaddr ?
>
> The proxy server received an invalid response from an upstream server.
> The proxy server could not handle the request
> *GET /cgi-bin/modsec-test.pl <http://192.168.1.10/cgi-bin/secprise.pl>*.
> Reason: *DNS lookup failure for: 192.168.1.30cgi-bin*
>
> Configuration:
>
> <VirtualHost 192.168.1.10>
>
> ServerName localhost
> ProxyRequests Off
> ProxyPass / http://192.168.1.30
> ProxyPassReverse / http://192.168.1.30
>
> SecFilterEngine DynamicOnly
> SecFilterCheckURLEncoding On
> </VirtualHost>
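Added example, not part of the thread or of any poster's code: a small Python audit that flags the two settings discussed above, a `ServerSignature` value other than `Off` and a `ProxyPass`/`ProxyPassReverse` pair whose trailing slashes do not match, and shows why the mismatch produces the host `192.168.1.30cgi-bin` from the quoted error. The function names, the plain prefix-substitution model of `ProxyPass`, and the `ServerSignature On` line in the sample are assumptions; the sample config is constructed from the quoted `<VirtualHost>` block.

```python
from urllib.parse import urlsplit

# Constructed sample based on the <VirtualHost> in the quoted question.
# The ServerSignature line is an assumption: the question shows the
# version footer, not the directive that enables it.
SAMPLE_CONF = """\
ServerSignature On
<VirtualHost 192.168.1.10>
    ServerName localhost
    ProxyRequests Off
    ProxyPass / http://192.168.1.30
    ProxyPassReverse / http://192.168.1.30
</VirtualHost>
"""

# The same config with both suggestions from the thread applied.
FIXED_CONF = (SAMPLE_CONF.replace("ServerSignature On", "ServerSignature Off")
              .replace("http://192.168.1.30\n", "http://192.168.1.30/\n"))

def upstream_host(prefix, target, path):
    """Host the proxy would try to resolve for `path`, modelling ProxyPass
    as prefix substitution: the part after `prefix` is appended to `target`."""
    return urlsplit(target + path[len(prefix):]).hostname

def audit(conf_text, probe="cgi-bin/modsec-test.pl"):
    """Return a list of findings for the two issues raised in the thread."""
    findings = []
    for raw in conf_text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        name = parts[0].lower()
        if name == "serversignature" and len(parts) > 1:
            if parts[1].lower() != "off":
                findings.append(("signature", parts[1]))
        elif name in ("proxypass", "proxypassreverse") and len(parts) >= 3:
            prefix, target = parts[1], parts[2]
            if target != "!" and prefix.endswith("/") != target.endswith("/"):
                # Only ProxyPass maps requests; ProxyPassReverse rewrites headers.
                host = (upstream_host(prefix, target, prefix + probe)
                        if name == "proxypass" else None)
                findings.append(("slash-mismatch", parts[0], host))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
    print("after fix:", audit(FIXED_CONF))
```
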