IIS 7 has a rewrite module that you could null route this type of request based on a regex.
Byron Mann Lead Engineer & Architect HostMySite.com On Tue, Jun 25, 2013 at 1:16 PM, John M Bliss <bliss.j...@gmail.com> wrote: > > I don't have PHP installed so I guess I'm not vulnerable, right? > > Any idea how to have CF (or IIS) auto-kill requests like this? > > > On Tue, Jun 25, 2013 at 1:09 PM, Cameron Childress <camer...@gmail.com > >wrote: > > > > > On Tue, Jun 25, 2013 at 12:56 PM, John Bliss wrote: > > > > > - what that req is supposed to do? > > > - how to be sure to block it? > > > > > > > First result via Google for that string: > > > > Plesk 0-day Remote Vulnerability in the Wild > > > > > http://blog.sucuri.net/2013/06/plesk-0-day-remote-vulnerability-in-the-wild.html > > > > -Cameron > > > > ... > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:356073 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm