httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Stoddard" <b...@wstoddard.com>
Subject Re: Apache 1.3: avoid virus attack logging
Date Tue, 30 Apr 2002 12:31:58 GMT
> Hi all,
> I (and many others) use the following for getting virus attacks into attack_log instead
of access_log:
>
> # configuration to direct logging of virus attacks to separate log
> # make sure you comment out your old CustomLog directive!
> # for more information refer to /manual/mod/mod_setenvif.html
>
> SetEnvIfNoCase Request_URI "default\.ida?|root\.|cmd\.exe" is_attack

The URI string for a real attack is significantly longer than this.

Bill


Mime
View raw message