FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 06-13-2008, 06:31 AM
Joseph
 
Default htaccess file

I have in my main "htaccess" file the following condition, is it still needed:
---------code------------
# The following makes adjustments to the SSL protocol for Internet
# Explorer browsers

<IfModule mod_rewrite.c>
RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
</IfModule>

<IfModule mod_setenvif.c>
<IfDefine SSL>
SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
</IfDefine>
</IfModule>
------end code--------------


Can somebody enlighten me what below RewriteCond protect against? :-/

RewriteEngine On
RewriteCond %{QUERY_STRING} :/ [NC]
RewriteRule ^ - [F]

--
#Joseph
--
gentoo-user@lists.gentoo.org mailing list
 
Old 06-15-2008, 11:35 PM
Iain Buchanan
 
Default htaccess file

On Fri, 2008-06-13 at 00:31 -0600, Joseph wrote:
> I have in my main "htaccess" file the following condition, is it still needed:
> ---------code------------
> # The following makes adjustments to the SSL protocol for Internet
> # Explorer browsers
>
> <IfModule mod_rewrite.c>
> RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
> RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
> </IfModule>

hee hee! When I had my apache webserver public, I used to get all these
requests for wierd url's like that. Then I realised it was just the
script kiddies trying the usual exploits that didn't exist. It's
probably safe to leave or delete as you see fit.

don't know about the rest of your questions

--
Iain Buchanan <iaindb at netspace dot net dot au>

Nothing can be done in one trip.
-- Snider

--
gentoo-user@lists.gentoo.org mailing list
 
Old 06-17-2008, 12:27 AM
darren kirby
 
Default htaccess file

quoth the Iain Buchanan:
> On Fri, 2008-06-13 at 00:31 -0600, Joseph wrote:
> > I have in my main "htaccess" file the following condition, is it still
> > needed: ---------code------------
> > # The following makes adjustments to the SSL protocol for Internet
> > # Explorer browsers
> >
> > <IfModule mod_rewrite.c>
> > RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/_vti_bin/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/scripts/..(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/_mem_bin/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/msadc/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/MSADC/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/c/winnt/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/d/winnt/(.*)$ http://www.microsoft.com
> > RedirectMatch permanent (.*)/x90/(.*)$ http://www.microsoft.com
> > </IfModule>
>
> hee hee! When I had my apache webserver public, I used to get all these
> requests for wierd url's like that. Then I realised it was just the
> script kiddies trying the usual exploits that didn't exist. It's
> probably safe to leave or delete as you see fit.

Yeah, these sorts of requests have all but dried up on my server over the last
few years, but it was fun to have them all hammer on Microsoft's servers
rather than mine.

> don't know about the rest of your questions

Me neither, but if I was to hazard a guess, I would say that:

RewriteCond %{QUERY_STRING} :/ [NC]
RewriteRule ^ - [F]

matches any query strings with ":/" in them, and returns a 403 forbidden
error. Though, I am not sure ":/" is interpreted literally or not. Doesn't
look like any PCRE i've seen...


> --
> Iain Buchanan <iaindb at netspace dot net dot au>
>
> Nothing can be done in one trip.
> -- Snider

-d
--
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org
"...the number of UNIX installations has grown to 10, with more expected..."
- Dennis Ritchie and Ken Thompson, June 1972
--
gentoo-user@lists.gentoo.org mailing list
 

Thread Tools




All times are GMT. The time now is 07:25 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org