Re: hmmm
This WebDNA talk-list message is from 2006
It keeps the original formatting.
numero = 67347
interpreted = N
texte = I figured it out...In my httpd.conf file, I added the following so it applies to all virtualhosts:
################################ # SECURITY FIX FOR A WEBDNA VULNERABILITY # ################################ RewriteEngine On RewriteCond %{QUERY_STRING} ^.*text=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*include=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*setheader=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*math=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*!=.*$ [NC] RewriteRule ^.*$ - [F] ################################On 5/31/06 8:17 AM, "WJ Starck"
wrote:> Jesse-> > How does one implement the below listed rules?> > Will> > > On May 30, 2006, at 4:42 PMCDT, Jesse Proudman wrote:> >> Here's what I'm using:>> >> RewriteEngine On>> RewriteCond %{QUERY_STRING} ^.*text=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*include=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*setheader=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*math=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*!=.*$ [NC]>> RewriteRule ^.*$ - [F]-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I figured it out...In my httpd.conf file, I added the following so it applies to all virtualhosts: ################################ # SECURITY FIX FOR A WEBDNA VULNERABILITY # ################################ RewriteEngine On RewriteCond %{QUERY_STRING} ^.*text=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*include=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*setheader=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*math=.*$ [NC,OR] RewriteCond %{QUERY_STRING} ^.*!=.*$ [NC] RewriteRule ^.*$ - [F] ################################On 5/31/06 8:17 AM, "WJ Starck" wrote:> Jesse-> > How does one implement the below listed rules?> > Will> > > On May 30, 2006, at 4:42 PMCDT, Jesse Proudman wrote:> >> Here's what I'm using:>> >> RewriteEngine On>> RewriteCond %{QUERY_STRING} ^.*text=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*include=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*setheader=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*math=.*$ [NC,OR]>> RewriteCond %{QUERY_STRING} ^.*!=.*$ [NC]>> RewriteRule ^.*$ - [F]-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Clint Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
webten vs. webstar (1998)
[SMSI]SMSI FTP (2002)
Exclamation point (1997)
Server IP address? (1998)
[WebDNA] [ot] Snow Leopard Server - Mac Mini (2010)
ShipTotal Again (1998)
Can you do this??? and other stuff (1997)
Shhh... (2006)
Practice runs ? (1997)
For those of you not on the WebCatalog Beta... (1997)
multiple credit card merchant accounts/processors (1997)
type 2 errors with ssl server (1997)
Searching for Email Address (2004)
Running _every_ page through WebCat ? (1997)
Sendmail and textarea (1998)
Help with WebCatalog (1998)
SKU (1997)
Authenticate and IIS (1997)
Numbers and Numbers and Me (1999)
NetCloak as Emailer substitute? (1999)