The script that crashes Apache is called killapache.pl and is all over the internet, for example http://pastebin.com/EYFUnFRz
Everyone running a web server should protect it against this script. There are all kinds of solutions on the web; I personally searched for one that would work on CentOS. I created a file called fix-ddos.conf and placed it in /etc/httpd/conf.d. This file contains:
# Tag any request whose Range header lists more than five ranges, then drop the
# Range header only on those requests (requires mod_setenvif and mod_headers).
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
On Ubuntu it was enough to add the same two lines to apache.conf:
# Same directives as above: mark abusive Range headers, unset only those.
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
There are some other proposed solutions, but the two above are the only ones I tested successfully. Other solutions and further information are available here: http://www.dslreports.com/forum/r26243047-Apache-1.x-2.x-Range-header-security-issue
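The following Python script is an added example and not part of the original post or of any Apache project code. It reproduces the SetEnvIf pattern from the post so you can see exactly which Range header values get tagged (the pattern fires at six or more ranges, not five, because it counts commas), and it offers a single-request check against a server you operate to confirm the directive is active: with the header dropped server-side a static file comes back as 200, whereas a 206 Partial Content means the ranges were still honoured. The target URL is an assumption supplied on the command line; the sample Range values are constructed.

```python
"""Reason about, and verify, the Apache Range-header mitigation from the post.

Added example, not part of the original post. The only thing taken from the
post is the regex; the URL and the sample header values are assumptions.
"""
import re
import sys
import http.client
from urllib.parse import urlsplit

# The exact pattern used by the post's SetEnvIf directive. Each ".*?" may match
# nothing, so the pattern matches whenever the value holds five or more commas,
# i.e. six or more comma-separated ranges.
BAD_RANGE = re.compile(r"(,.*?){5,}")


def is_bad_range(value: str) -> bool:
    """True when the directive would tag this Range header value bad-range=1."""
    return BAD_RANGE.search(value) is not None


def count_ranges(value: str) -> int:
    """Number of range specs in a Range header, e.g. 'bytes=0-1,2-3' -> 2."""
    _, _, spec = value.partition("=")
    return sum(1 for r in spec.split(",") if r.strip())


def make_range_header(n: int) -> str:
    """Build a syntactically valid Range header with n one-byte ranges (constructed input)."""
    return "bytes=" + ",".join(f"{i}-{i}" for i in range(n))


def verify_mitigation(url: str, ranges: int = 6, timeout: float = 10.0) -> dict:
    """Send ONE GET carrying `ranges` ranges to a server you operate and report the outcome.

    With the directive active the Range header is removed before the request is
    served, so a static file is returned as 200 with its full body. A 206 means
    the ranges were honoured and the directive is not in effect for this URL.
    """
    parts = urlsplit(url)
    conn_cls = http.client.HTTPSConnection if parts.scheme == "https" else http.client.HTTPConnection
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        conn.request("GET", parts.path or "/",
                     headers={"Host": parts.netloc, "Range": make_range_header(ranges)})
        resp = conn.getresponse()
        resp.read()  # drain the body so the connection closes cleanly
        return {
            "status": resp.status,
            "content_type": resp.getheader("Content-Type", ""),
            "ranges_honoured": resp.status == 206,
            "would_be_tagged": is_bad_range(make_range_header(ranges)),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    # Assumed: a static file on your own server, e.g. http://localhost/index.html
    target = sys.argv[1] if len(sys.argv) > 1 else "http://localhost/"
    print(verify_mitigation(target))
```

Run it as `python3 check_range.py http://yourserver/some-static-file` after restarting Apache; `ranges_honoured` should be False once the directive is loaded. Point it at a static file rather than a dynamic page, since Apache only serves byte ranges for content with a known length.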