<LocationMatch "*cmd.exe*">
order deny, allow
deny from all
</LocationMatch>
Samo che pak ste go logva i osven tova, ne hvashta neshta ot sorta na
http://boza/shit?..%c0%af../cmd.exe?/c+dir
mod_rewrite shte ti svarshi rabota
sega se seshtam mnogo grozen nachin da ne vliza v logovete requesta,
obache e _mnogo grozen_ i _mnogo insecure_ (wseki request koito wklichva
cmd.exe niama da byde lognat - hello brute forcing :)
AccessLog "|/usr/bin/grep -v cmd.exe > /var/log/access.log"
ErrorLog "|/usr/bin/grep -v cmd.exe > /var/log/error.log"
Mozhe i da ne sraboti :)
Vasko Tomanov wrote:
> niakoi ima li ideia kak da si pasthna apacha da ignorira napalno zaiavki
> ot vida na ..........cmd.exe
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
