It's been a few years since I've done any extensive work with Apache
and could use some help with a server that I've inherited.
The Apache server is configured with a VirtualHost that is used to
support a single, web-based collaboration tool. The URL used to
access the collaboration tool
On Fri, Jun 13, 2008 at 12:41 PM, Merton Campbell Crockett
[EMAIL PROTECTED] wrote:
Looking at the Apache access log, it's clear that Apache is processing a lot
of requests from systems probing for vulnerabilities. Rather than have
Apache process the request, I would like to immediately
On 13 Jun 2008, at 09:47:43, Joshua Slive wrote:
On Fri, Jun 13, 2008 at 12:41 PM, Merton Campbell Crockett
[EMAIL PROTECTED] wrote:
Looking at the Apache access log, it's clear that Apache is
processing a lot
of requests from systems probing for vulnerabilities. Rather than
have
Apache
Merton Campbell Crockett wrote:
On 13 Jun 2008, at 09:47:43, Joshua Slive wrote:
On Fri, Jun 13, 2008 at 12:41 PM, Merton Campbell Crockett
[EMAIL PROTECTED] wrote:
If I may add my grain of salt : often the issue is that such error
messages end up cluttering the logfile, consuming
On Fri, Jun 13, 2008 at 3:40 PM, Merton Campbell Crockett
[EMAIL PROTECTED] wrote:
Basically, I'm tired of the bullshit. I don't want to spend my life filling
out forms explaining to those that haven't a clue that their vulnerability
is a false positive. I want to configure Apache to reject
On Fri, 13 Jun 2008 16:06:45 -0400
Joshua Slive [EMAIL PROTECTED] wrote:
Otherwise, mod_rewrite could certainly be used. If you want the
uber-powerful approach, mod_security can also do stuff like this.
Indeed, normal Allow/Deny is the correct and best way to do this.
mod_security is an
