Re: shellshock probing

2015-04-02 Thread B.R.
That is the power of the 'empty value = does nothing' logic. :o)
---
*B. R.*

On Thu, Apr 2, 2015 at 3:33 PM, Cole Tierney wrote:
> > On Apr 2, 2015, at 7:21 AM, itpp2012 wrote:
> >
> > Cole Tierney Wrote:
> > ---
> >> Or is there a better meth

Re: shellshock probing

2015-04-02 Thread Cole Tierney
> On Apr 2, 2015, at 7:21 AM, itpp2012 wrote:
>
> Cole Tierney Wrote:
> ---
>> Or is there a better method to block these?
>
> Not really better but good enough :)
>
> map $http_referer $waffableref {
>    default

Re: shellshock probing

2015-04-02 Thread itpp2012
Cole Tierney Wrote:
---
> Or is there a better method to block these?

Not really better but good enough :)

map $http_referer $waffableref {
    default 0;
    ~*\{.*\:\; 1;
}
map $http

Re: shellshock probing

2015-04-01 Thread mex
if you have questions on naxsi, feel free to join the naxsi-discuss - ml
https://groups.google.com/forum/#!forum/naxsi-discuss

cheers,
mex

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,257792,257801#msg-257801

Re: shellshock probing

2015-04-01 Thread Cole Tierney
Thanks mex, I’ll check it out.

> On Apr 1, 2015, at 4:50 PM, mex wrote:
>
> hi cole,
>
> if implementable you could use naxsi https://github.com/nbs-system/naxsi
> for this, there exists a rule to detect and block
> shellshock-exploit-attempts:
>
> MainRule "str:() {" "msg:Possible Remote cod

Re: shellshock probing

2015-04-01 Thread mex
hi cole,

if implementable you could use naxsi https://github.com/nbs-system/naxsi
for this, there exists a rule to detect and block
shellshock-exploit-attempts:

MainRule "str:() {" "msg:Possible Remote code execution through Bash CVE-2014-6271" "mz:BODY|HEADERS" "s:$ATTACK:8" id:42000393 ;

see

shellshock probing

2015-04-01 Thread Cole Tierney
Hello, I'm seeing lots of shellshock probing in my access logs. My server's not vulnerable, but my logs are filling up with 404s. The requests are for random cgi scripts. The referer and user_agents are the same and always start with () { :; }; followed by curl or wget to a remote p