httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From david <>
Subject [users@httpd] Question: Apache 1.3 and SetEnvIf /RedirectMatch
Date Mon, 07 Aug 2006 23:01:06 GMT

Recently, i've founded some entries on my apache webserver log like this:

[IP] - - [05/Aug/2006:02:17:47 +0200] "GET 

HTTP/1.0" 200 220151 "-" "Mozilla/5.0"

As you can see, some attacker tries to use the index.php file to get a 
cmd.txt file from other site.

are there any way to detect this urls to stop this configuring apache?

i've tried with setEnvIf and RedirectMatch on several ways, with no results:

SetEnvIf Request_URI "(.*)cmd(.*)$" attack


RewriteEngine on
RedirectMatch permanent (.*)cmd(.*)$ http://nourl

only works with urls like:


not with


It seems that te Request_URI and RedirectMatch doesn't works with the 
params on the URL, only with the main URL file.



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message