Thank you very much.
I gave it a go... Still no Joy, the attempts at directory recursion still end up in the access log...

More reading.

eric

On 02/07/2014 10:31 AM, Michael Streeter wrote:
On 1/28/2014 10:09 AM, Eric K. Dickinson wrote:
Good Morning.

We have a bunch of WordPress sites.
We also have a requirement to be scanned by Nessus and AppScan.
This drives the caching on WordPress nuts.

I have been able to significantly reduce this with a RewriteRule.

RewriteEngine on
RewriteRule .*\.(dll|ini|exe|com)$ - [R=404,NC]
RewriteRule .*(etc\/passwd)$ - [R=404,NC]


It has helped a lot.

However...
RewriteRule *(\/..\/..\/..\/..\/)* - [R=404,NC]
RewriteRule *(\\...\\...\\...\\)* - [R=404,NC]


Has Not.
It looks like there are a couple of problems.  In a regex, * means match
zero or more of the previous character.  So beginning with a * is a
regex error.  Also, since your pattern is in a capture group followed by
a *, it says to match zero or more of the entire pattern.  Since a "."
matches any character, we'll quote the "." characters in the regex to
exactly match the "." characters.  Try something like this:

RewriteRule .*\.\.\/\.\.\/\.\.\/\.\..* - [R=404]
RewriteRule .*\.\.\.\\\.\.\.\\\.\.\.\\\.\.\..* - [R=404]

The second problem is that sometimes what you're trying to match is in
the query string, which the pattern matching in a RewriteRule doesn't
look at.  Instead, add a RewriteCond that looks at the query string:

RewriteCond %{QUERY_STRING} .*\.\.\/\.\.\/\.\.\/\.\..*
RewriteRule .* - [R=404]

RewriteCond %{QUERY_STRING} .*\.\.\.\\\.\.\.\\\.\.\.\\\.\.\..*
RewriteRule .* - [R=404]

Hope that helps,
Michael S

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


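The two points in the thread (a leading `*` is a regex error, and a capture group followed by `*` matches the empty string, so it "matches" every path; and a RewriteRule pattern never sees the query string, which is why a RewriteCond on %{QUERY_STRING} is needed) can be checked outside of httpd. The following is an added example written for this page, not code from the thread or from the httpd project. It uses Python's `re`, which is close enough to PCRE for these patterns, and emulates the RewriteRule/RewriteCond split by matching the path and the query string separately. The request URIs are constructed sample data.

```python
import re
from urllib.parse import urlsplit

# Constructed sample request URIs, not taken from any real access log.
SAMPLE_URIS = [
    "/wp-content/uploads/../../../../etc/passwd",   # traversal in the path
    "/index.php?file=../../../../etc/passwd",       # traversal only in the query string
    "/wp-admin/admin-ajax.php",                     # benign
    "/scripts/test.DLL",                            # blocked extension, mixed case
]

# The original pattern from the thread: a leading '*' has nothing to repeat,
# so PCRE (and Python's re) refuse to compile it.
BROKEN_PATTERN = r"*(\/..\/..\/..\/..\/)*"

# The same pattern with the leading '*' dropped: the group is now "zero or
# more" of the sequence, which matches the empty string at the start of
# every path, so it no longer discriminates anything. Note the unescaped
# dots, which match any character rather than a literal '.'.
ZERO_OR_MORE_GROUP = r"(\/..\/..\/..\/..\/)*"

# The corrected patterns suggested in the reply: dots escaped, '.*' on both
# sides so the traversal can appear anywhere in the path or query string.
PATH_TRAVERSAL = r".*\.\.\/\.\.\/\.\.\/\.\..*"
EXT_BLOCK = r".*\.(dll|ini|exe|com)$"   # from the first rule in the thread


def pattern_compiles(pattern):
    """True if the regex is syntactically valid for re (a stand-in for PCRE here)."""
    try:
        re.compile(pattern)
        return True
    except re.error:
        return False


def group_star_matches_everything(path):
    """Show that '(...)*' alone matches any path via an empty match at offset 0."""
    return re.match(ZERO_OR_MORE_GROUP, path) is not None


def rewrite_rule_matches(uri, pattern, flags=0):
    """Emulate RewriteRule: the pattern is tested against the path only."""
    path = urlsplit(uri).path
    return re.match(pattern, path, flags) is not None


def rewrite_cond_query_matches(uri, pattern):
    """Emulate RewriteCond %{QUERY_STRING}: the pattern sees only the query string."""
    query = urlsplit(uri).query
    return re.search(pattern, query) is not None


def would_block(uri):
    """Combine the rules the way the final ruleset in the thread does.

    NC on the extension rule is emulated with re.IGNORECASE; the traversal
    rules in the reply carry no NC flag, so they are case-sensitive here too.
    """
    return (rewrite_rule_matches(uri, PATH_TRAVERSAL)
            or rewrite_rule_matches(uri, EXT_BLOCK, re.IGNORECASE)
            or rewrite_cond_query_matches(uri, PATH_TRAVERSAL))


def classify(uris):
    """Map each URI to whether the emulated ruleset would answer it with 404."""
    return {uri: would_block(uri) for uri in uris}


if __name__ == "__main__":
    print("broken pattern compiles:", pattern_compiles(BROKEN_PATTERN))
    print("'(...)*' matches benign path:",
          group_star_matches_everything("/wp-admin/admin-ajax.php"))
    for uri, blocked in classify(SAMPLE_URIS).items():
        print(f"{'404' if blocked else '200':>4}  {uri}")
```

Running it shows the second sample URI is caught only by the query-string check, which is the case the RewriteCond was added for. One caveat on reading the results back in httpd: a rule that answers with R=404 still produces an access log line (the request line is logged with status 404), so seeing the attempt in the access log does not by itself mean the rule failed to match; the status code in that line is what tells the two cases apart.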