Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo User (http://www.linux-archive.org/gentoo-user/)
-   -   htaccess file (http://www.linux-archive.org/gentoo-user/105961-htaccess-file.html)

Joseph 06-13-2008 06:31 AM

htaccess file
 
I have in my main "htaccess" file the following condition, is it still needed:
---------code------------
# The following makes adjustments to the SSL protocol for Internet
# Explorer browsers

<IfModule mod_rewrite.c>
RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
</IfModule>

<IfModule mod_setenvif.c>
<IfDefine SSL>
SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
</IfDefine>
</IfModule>
------end code--------------


Can somebody enlighten me what below RewriteCond protect against? :-/

RewriteEngine On
RewriteCond %{QUERY_STRING} :/ [NC]
RewriteRule ^ - [F]

--
#Joseph
--
gentoo-user@lists.gentoo.org mailing list

Iain Buchanan 06-15-2008 11:35 PM

htaccess file
 
On Fri, 2008-06-13 at 00:31 -0600, Joseph wrote:
> I have in my main "htaccess" file the following condition, is it still needed:
> ---------code------------
> # The following makes adjustments to the SSL protocol for Internet
> # Explorer browsers
>
> <IfModule mod_rewrite.c>
> RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
> </IfModule>

hee hee! When I had my apache webserver public, I used to get all these
requests for wierd url's like that. Then I realised it was just the
script kiddies trying the usual exploits that didn't exist. It's
probably safe to leave or delete as you see fit.

don't know about the rest of your questions :)

--
Iain Buchanan <iaindb at netspace dot net dot au>

Nothing can be done in one trip.
-- Snider

--
gentoo-user@lists.gentoo.org mailing list

darren kirby 06-17-2008 12:27 AM

htaccess file
 
quoth the Iain Buchanan:
> On Fri, 2008-06-13 at 00:31 -0600, Joseph wrote:
> > I have in my main "htaccess" file the following condition, is it still
> > needed: ---------code------------
> > # The following makes adjustments to the SSL protocol for Internet
> > # Explorer browsers
> >
> > <IfModule mod_rewrite.c>
> > RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
> > </IfModule>
>
> hee hee! When I had my apache webserver public, I used to get all these
> requests for wierd url's like that. Then I realised it was just the
> script kiddies trying the usual exploits that didn't exist. It's
> probably safe to leave or delete as you see fit.

Yeah, these sorts of requests have all but dried up on my server over the last
few years, but it was fun to have them all hammer on Microsoft's servers
rather than mine.

> don't know about the rest of your questions :)

Me neither, but if I was to hazard a guess, I would say that:

RewriteCond %{QUERY_STRING} :/ [NC]
RewriteRule ^ - [F]

matches any query strings with ":/" in them, and returns a 403 forbidden
error. Though, I am not sure ":/" is interpreted literally or not. Doesn't
look like any PCRE i've seen...


> --
> Iain Buchanan <iaindb at netspace dot net dot au>
>
> Nothing can be done in one trip.
> -- Snider

-d
--
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org
"...the number of UNIX installations has grown to 10, with more expected..."
- Dennis Ritchie and Ken Thompson, June 1972
--
gentoo-user@lists.gentoo.org mailing list


All times are GMT. The time now is 06:12 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.