httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: Mitigation Range header (Was: DoS with mod_deflate & range requests)
Date Wed, 24 Aug 2011 12:58:52 GMT
> Of course it should have been:
>
> RewriteCond %{HTTP:range} !^bytes=[^,]+(,[^,]+){0,4}$
> RewriteRule .* - [F]

The problem with the negation is you need an addl rule to handle an
empty range header, this would forbid normal non-range requests.

-- 
Eric Covener
covener@gmail.com

Mime
View raw message