httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jsl...@gmail.com>
Subject Re: [users@httpd] mod_rewrite versus webdav exploit
Date Tue, 13 Jul 2004 02:19:27 GMT
On Mon, 12 Jul 2004 20:56:24 -0400, Chris Zakelj <c.zakelj@ieee.org> wrote:
> I've done a fair bit of googling, and think mod_rewrite is exactly what
> I need to handle the tons of
> 
> 68.184.63.84 - - [12/Jul/2004:23:20:02 +0000] "SEARCH
> /\x90\x02±\x02±\x02±\x02±.....
> 
> crap that hits my logs, as well as the (still present) default.ida and
> other microsoft crud still floating around.  In that search, I found
> http://forums.macosxhints.com/showthread.php?t=22371, which suggests
> adding...
> 
> <IfModule mod_rewrite.c>
> RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com

These use mod_alias rather than mod_rewrite.

But they don't do anything really useful in any case.  At best, they
will just keep the request out of the error log.

By far the best way to handle such requests is just to post-process
your log files to remove anything that isn't of interest to you.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message