> -----Original Message-----
> From: Eric Covener [mailto:cove...@gmail.com]
> Sent: Mittwoch, 24. August 2011 14:59
> To: dev@httpd.apache.org
> Subject: Re: Mitigation Range header (Was: DoS with
> mod_deflate & range requests)
>
> > Of course it should have been:
> >
> > RewriteCond %{HTTP:range} !^bytes=[^,]+(,[^,]+){0,4}$
> > RewriteRule .* - [F]
>
> The problem with the negation is you need an addl rule to handle an
> empty range header, this would forbid normal non-range requests.
Damn it. Got me again. How about this:
RewriteCond %{HTTP:range} !(^bytes=[^,]+(,[^,]+){0,4}$|^$)
RewriteRule .* - [F]
Regards
Rüdiger
