filter known hack attempts
Poul-Henning Kamp
phk at phk.freebsd.dk
Wed Sep 1 13:49:16 CEST 2010
In message <AANLkTinMoCOrB98hq+o8N1j4+unDR6NNcVw+xEjiDnC0 at mail.gmail.com>, Ales
sandro Ronchi writes:
>is it possible to filter with vernish some known hack attempts, link
>/cltreq.asp?UL=1&ACT=4&BUILD=6254&STRMVER=4&CAPREQ=0
>/_vti_bin/owssvr.dll/
Yes, Kristian did something "mod_security" like I think.
It's pretty easy to blast individual bad things out of the way;
sub vcl_recv {
if (req.url ~ "_vti_bin/owssvr.dll") { error 503; }
}
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the varnish-misc
mailing list