Thanks. Added to the interim draft update.
Dw.
On 25 Aug 2011, at 06:36, Steffen wrote:
For Mitigation of Apache Range Header DoS Attack with mod_security, see
also:
http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html
- Original Message -
I'm seeing Apache 2.0 doesn't accept our RequestHeader syntax due to a
defect, it misinterprets it as a value and fails startup.
If we have the opportunity to amend, I think we need to suggest the
rewrite flavor for Apache 2.0 and earlier, not just 1.3 and earlier.
Also for 1.3, is our RE safe
That is fine - we can do another update tomorrow, say noon zulu - if we expect
that we do not have a proper patch and/or a 2.0.65 / 2.2.20 in the day
following.
Weird though - my 2.0.61 and 64 does seem fine. So probably very early 2.0
series.
Dw
On 24 Aug 2011, at 20:40, Eric Covener wrote:
For Mitigation of Apache Range Header DoS Attack with mod_security, see
also:
http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html
- Original Message -
From: Dirk-Willem van Gulik di...@webweaving.org
Newsgroups: gmane.comp.apache.devel
To: