GoFuckYourself.com - Adult Webmaster Forum - Anyone help stopping POST to php scripts in apache

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)

- Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)

- - Anyone help stopping POST to php scripts in apache (https://gfy.com/showthread.php?t=872394)

blazin

11-29-2008 01:10 PM

Anyone help stopping POST to php scripts in apache

Got a nasty virus that updates files via post to php scripts... want to stop it at apache... anyone know how?

Please!

HomerSimpson

11-29-2008 01:17 PM

try by installing mod_security...
If you have it installed just apply this rule at your htaccess

Code:

<IfModule mod_security.c>

# Sends matching requests a 405 Method Not Allowed Status Code

SecFilterSelective REQUEST_METHOD "!^(GET|HEAD|OPTIONS)$" "deny,auditlog,status:405"

</IfModule>

This should block ALL POSTS and will show 405 error.

I have used mod_security but never used this rules so I don't know if it works.
I found those rules on this page (modified it a bit to suite your needs)
http://www.askapache.com/htaccess/mo...ss-tricks.html

blazin

11-29-2008 01:20 PM

Thanks.... looks like that might be useful.

Varius

11-29-2008 01:25 PM

You can probably use the <Limit></Limit> in your vhost or .htaccess or whatever, something like:

<Limit POST>
Require valid-user
</Limit>

or

<Limit POST>
Deny from all
</Limit>

Didn't try it, but pretty sure that's what the <Limit> item is for :)

blazin

11-29-2008 01:42 PM

Quote:

Originally Posted by Varius (Post 15120076)

Thanks Varius

All times are GMT -7. The time now is 02:50 AM.