Good Morning.
We have a bunch of WordPress sites.
We also have a requirement to be scanned by Nessus and AppScan.
This drives the caching on WordPress nuts.
I have been able to significantly reduce this with a RewriteRule.
RewriteEngine on
RewriteRule .*\.(dll|ini|exe|com)$ - [R=404,NC]
RewriteRule .*(etc\/passwd)$ - [R=404,NC]
It has helped a lot.
However...
RewriteRule *(\/..\/..\/..\/..\/)* - [R=404,NC]
RewriteRule *(\\...\\...\\...\\)* - [R=404,NC]
has not.
(from the access log)
XXX.XXX.XXX.XXX - - [27/Jan/2014:21:49:32 -0500] "GET /search?NS-query-pat=../../../../../../../../../etc/passwd HTTP/1.1" 500 - "-" "Mozilla/4.0 (compatible"
XXX.XXX.XXX.XXX - - [27/Jan/2014:20:40:45 -0500] "GET /...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini HTTP/1.1" 404 249 "-" "Mozilla/4.0 (compatible"
I have been stymied by creating a regex to catch the attempts at
directory recursion.
It cannot be that hard.
What am I missing?
Thank you
eric
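An added example, not part of the original post: a small Python check that runs a traversal pattern over the two access-log lines quoted above, once against the URL path alone (the part a RewriteRule pattern is matched against, which excludes the query string) and once against the whole request target. The names TRAVERSAL, REQUEST, has_traversal and classify are assumptions of this example, and the third log line is constructed.

```python
import re
from urllib.parse import unquote

# Two or more dots followed by a slash or backslash, e.g. "../" or "...\".
TRAVERSAL = re.compile(r"\.{2,}[/\\]")
# Pulls the request target out of a combined-format access-log line.
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# The first two lines are the ones quoted in the post (re-joined);
# the third is a constructed benign request.
SAMPLE_LOG = [
    r'XXX.XXX.XXX.XXX - - [27/Jan/2014:21:49:32 -0500] "GET /search?NS-query-pat=../../../../../../../../../etc/passwd HTTP/1.1" 500 - "-" "Mozilla/4.0 (compatible"',
    r'XXX.XXX.XXX.XXX - - [27/Jan/2014:20:40:45 -0500] "GET /...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini HTTP/1.1" 404 249 "-" "Mozilla/4.0 (compatible"',
    r'192.0.2.10 - - [27/Jan/2014:21:50:01 -0500] "GET /wp-content/themes/demo/style.css?ver=3.8.1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]


def has_traversal(text):
    # Decode twice so single and double percent-encoding
    # (%2e%2e%2f, %252e%252e%252f) are covered as well.
    return bool(TRAVERSAL.search(unquote(unquote(text))))


def classify(log_line):
    """Return (target, hit_in_path, hit_in_full_target), or None if unparsable."""
    m = REQUEST.search(log_line)
    if m is None:
        return None
    target = m.group(1)
    path = target.split("?", 1)[0]  # what a path-only pattern gets to see
    return target, has_traversal(path), has_traversal(target)


if __name__ == "__main__":
    for line in SAMPLE_LOG:
        target, in_path, in_full = classify(line)
        print(f"path-only={in_path!s:5} full={in_full!s:5} {target}")
```

The first request is only flagged when the query string is included in the match, which is the difference between testing the path and testing the full request target.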