filter known hack attempts

Poul-Henning Kamp phk at
Wed Sep 1 13:49:16 CEST 2010

In message <AANLkTinMoCOrB98hq+o8N1j4+unDR6NNcVw+xEjiDnC0 at>, Ales
sandro Ronchi writes:

>is it possible to filter with vernish some known hack attempts, link

Yes, Kristian did something "mod_security" like I think.

It's pretty easy to blast individual bad things out of the way;
	sub vcl_recv {
		if (req.url ~ "_vti_bin/owssvr.dll") { error 503; }

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the varnish-misc mailing list