On Sat, Mar 1, 2025 at 6:26 PM Bo Berglund wrote:
> On Fri, 28 Feb 2025 10:30:51 -0500, Frank Gingras
> wrote:
>
> >Moving to a modern mod_md approach might be better then, or alternatively,
> >if you want to keep using the third party letsencrypt tools, asking your
> >distro's support venues mi
On Fri, 28 Feb 2025 10:30:51 -0500, Frank Gingras wrote:
>Moving to a modern mod_md approach might be better then, or alternatively,
>if you want to keep using the third party letsencrypt tools, asking your
>distro's support venues might work.
I don't want to move to a different method right now
> However, some requests, such as the following, remain logged by
> Apache even when they are from IP addresses in the block list,
> and regardless of whether we have LogLevel set to info or warn:
>
> /file%3a/etc%2fpasswd%00
> /%0d%0aSet-Cookie:crlfinjection=1;
> /cgi-bin.%2e/.%2e/
Tony Olekshy wrote, on 2025-02-24 at 11:32 MST:
>
> Our Apache httpd.conf is configured to include these lines for
> blocking requests from a list of IP addresses without logging
> them — in this order and mixed with other lines — yet some such
> requests are logged anyway:
>
> CustomLog logs/
