UPWORK/ODESK guru: Tips and Tricks for clients

skype: upwork.link , email: info@upwork.link

Stopping “connect” attacks: PHP vs Apache2

without comments

If mod_proxy is commented out but you are using php5. Tried putting this statement http.allowed_methods = GET & POST into /*/php.ini But it had no effect? The best solution was to add an location declarative with a LimitExcept. The location in the httpd-conf where to place this is very important.

First find this in the conf file

#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions for directories.
#

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Deny from all
</Directory>

Then add the following right after it and restart apache to activate.

# Second, we configure the "default" Location to restrict the methods
allowed
# to stop CONNECT method attacks.
#


<Location />
    <LimitExcept GET POST>
       Order allow,deny
       Deny from all
    </LimitExcept>
</Location>

All CONNECT requests from this point on will get a status code of 403
Forbidden for both perl and php CONNECT attacks.

Written by spectre

November 24th, 2014 at 7:42 pm

Posted in Tips and Tricks

Leave a Reply

*