On Fri, Jul 06, 2012 at 02:07:25PM +1000, Warren Seen wrote:
> I wouldn't even bother letting this get to your app if you can avoid
> it. If you have control over your web server (i.e. Apache/nginx) then
> set up a rule that just blocks any request to xmlrpc.php?

If you're on Apache, something like the following should do it (within
your VirtualHost block);

  <Location /xmlrpc.php>
    Deny from all
  </Location>

This is untested, so use at your own risk etc etc.

Malc

> On 06/07/2012, at 1:59 PM, Steve H wrote:
> 
> > Hi Roro,
> > 
> > Some idiot is posting junk to myapp.com/xmlrpc.php in what I can only 
> > assume is part of a generic hacking attempt.
> > 
> > I get: REXML::ParseException: Missing end tag for 'base64' (got "param") 
> > Line: 1 Position: 5024 Last 80 unconsumed characters:
> > 
> > However the stack trace doesn't show a point in my app where I can catch it 
> > as the error was thrown while parsing the XML from Rack.
> > 
> > Stack trace via airbrake: https://gist.github.com/3057978
> > 
> > Any ideas?
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Ruby or Rails Oceania" group.
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msg/rails-oceania/-/gSg1kzmxCfEJ.
> > To post to this group, send email to [email protected].
> > To unsubscribe from this group, send email to 
> > [email protected].
> > For more options, visit this group at 
> > http://groups.google.com/group/rails-oceania?hl=en.
> 
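
Added example, not part of the original thread: when the web server config is out of reach, the same block can be done as the outermost Rack middleware, so the request is refused before anything downstream parses the body. The class name BlockPaths and its option are hypothetical; it follows the plain Rack call(env) interface and needs no gems.

```ruby
require "uri"

# Hypothetical middleware (added example): answer 403 for blocked paths
# without calling the rest of the stack, so the XML body is never parsed.
class BlockPaths
  # blocked: paths to refuse (assumption: the app serves nothing there).
  def initialize(app, blocked: ["/xmlrpc.php"])
    @app = app
    @blocked = blocked.map { |path| normalize(path) }
  end

  def call(env)
    path = normalize(env["SCRIPT_NAME"].to_s + env["PATH_INFO"].to_s)
    return forbidden if @blocked.include?(path)

    @app.call(env)
  end

  private

  # Fresh response each time so later middleware cannot mutate a shared one.
  def forbidden
    body = "Forbidden\n"
    headers = { "content-type" => "text/plain",
                "content-length" => body.bytesize.to_s }
    [403, headers, [body]]
  end

  # Compare on a canonical form: percent-decoded, repeated slashes collapsed,
  # trailing slash dropped, lower-cased. This is deliberately stricter than
  # the case-sensitive Apache <Location> match above.
  def normalize(path)
    decoded = begin
      URI.decode_www_form_component(path)
    rescue ArgumentError
      path # malformed %-escape: fall back to the raw path
    end
    s = decoded.gsub(%r{/+}, "/").chomp("/").downcase
    s.empty? ? "/" : s
  end
end

# config.ru:  use BlockPaths
# Rails:      config.middleware.insert_before 0, BlockPaths
```

This only refuses the listed path; a malformed XML body posted to any other URL still reaches the parser.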