Anyone help stopping POST to php scripts in apache - GoFuckYourself.com

blazin · 11-29-2008, 01:10 PM

Got a nasty virus that updates files via post to php scripts... want to stop it at apache... anyone know how?

Please!

HomerSimpson · 11-29-2008, 01:17 PM

try by installing mod_security...
If you have it installed just apply this rule at your htaccess

Code:

<IfModule mod_security.c>
# Sends matching requests a 405 Method Not Allowed Status Code
SecFilterSelective REQUEST_METHOD "!^(GET|HEAD|OPTIONS)$" "deny,auditlog,status:405"
</IfModule>

This should block ALL POSTS and will show 405 error.

I have used mod_security but never used this rules so I don't know if it works.
I found those rules on this page (modified it a bit to suite your needs)
http://www.askapache.com/htaccess/mo...ss-tricks.html

blazin · 11-29-2008, 01:20 PM

Thanks.... looks like that might be useful.

Varius · 11-29-2008, 01:25 PM

You can probably use the <Limit></Limit> in your vhost or .htaccess or whatever, something like:

<Limit POST>
Require valid-user
</Limit>

or

<Limit POST>
Deny from all
</Limit>

Didn't try it, but pretty sure that's what the <Limit> item is for

blazin · 11-29-2008, 01:42 PM

Quote:

Originally Posted by Varius

You can probably use the <Limit></Limit> in your vhost or .htaccess or whatever, something like:

<Limit POST>
Require valid-user
</Limit>

or

<Limit POST>
Deny from all
</Limit>

Didn't try it, but pretty sure that's what the <Limit> item is for

Thanks Varius

11-29-2008, 01:10 PM	#1
blazin Confirmed User Join Date: Aug 2002 Posts: 2,781	Anyone help stopping POST to php scripts in apache Got a nasty virus that updates files via post to php scripts... want to stop it at apache... anyone know how? Please! __________________ I don't endorse a god damn thing......

11-29-2008, 01:17 PM	#2
HomerSimpson Too lazy to set a custom title Industry Role: Join Date: Sep 2005 Location: Springfield Posts: 13,826	try by installing mod_security... If you have it installed just apply this rule at your htaccess Code: <IfModule mod_security.c> # Sends matching requests a 405 Method Not Allowed Status Code SecFilterSelective REQUEST_METHOD "!^(GET\|HEAD\|OPTIONS)$" "deny,auditlog,status:405" </IfModule> This should block ALL POSTS and will show 405 error. I have used mod_security but never used this rules so I don't know if it works. I found those rules on this page (modified it a bit to suite your needs) http://www.askapache.com/htaccess/mo...ss-tricks.html __________________ Make a bank with Chaturbate - the best selling webcam program Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!! PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 \| Email:

11-29-2008, 01:20 PM	#3
blazin Confirmed User Join Date: Aug 2002 Posts: 2,781	Thanks.... looks like that might be useful. __________________ I don't endorse a god damn thing......

11-29-2008, 01:25 PM	#4
Varius Confirmed User Industry Role: Join Date: Jun 2004 Location: New York, NY Posts: 6,890	You can probably use the <Limit></Limit> in your vhost or .htaccess or whatever, something like: <Limit POST> Require valid-user </Limit> or <Limit POST> Deny from all </Limit> Didn't try it, but pretty sure that's what the <Limit> item is for __________________ Skype variuscr - Email varius AT gmail