Full Disclosure: Re: Apache Killer

Re: Apache Killer

From: Pat Maechler <Patrick.Maechler () stud unibas ch>
Date: Wed, 24 Aug 2011 19:07:11 +0200

Does this fix work as well if I put it in httpd.conf instead?
I'm no Apache/RewriteEngine crack, but I know that there are some  
differences with the rewrite engine if you put it into httpd.conf  
instead of .htaccess (and I have currently no possibility to do a safe  
test) :-/

Reply to

From: Davide Guerri <davide.guerri () gmail com>
Date: Wed, 24 Aug 2011 10:03:03 +0200

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(HEAD|GET) [NC]
RewriteCond %{HTTP:Range} ([0-9]*-[0-9]*)(\s*,\s*[0-9]*-[0-9]*)+
RewriteRule .* - [F]


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Apache Killer, (continued)
- Re: Apache Killer Mark J Cox (Aug 24)
- Re: Apache Killer Kim Henriksen (Aug 22)
  - Re: Apache Killer Jari Fredriksson (Aug 22)
- Apache Killer confirm.ed (Aug 22)
- Re: Apache Killer Pat Maechler (Aug 25)
  - Re: Apache Killer -= Glowing Sex =- (Aug 25)
    - Re: Apache Killer HI-TECH . (Aug 27)