Jump to content
xisto Community
iGuest

phpBB - worm... important!!!

By iGuest, in General Discussion

Recommended Posts

iGuest    3

iGuest
Posted

if anyone's interested...

add this to your .htaccess file in your root folder (where the php app is installed e.g. phpbb, phpnuke etc)

#TEMP BANS FOR SANTY WORM:RewriteEngine on#CHECK FOR KNOWN USED USER_AGENTS:RewriteCond %{HTTP_USER_AGENT} ^LWP::Simple       [NC,OR]RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial       [NC,OR]RewriteCond %{HTTP_USER_AGENT} ^libwww-perl       [NC,OR]#CHECK FOR KNOWN ORIGINATORS IN URL:RewriteCond %{REQUEST_URI} visualcoders         [NC,OR]RewriteCond %{REQUEST_URI} midomain.false.ca  [NC,OR]RewriteCond %{REQUEST_URI} envidiosos.org      [NC,OR]RewriteCond %{REQUEST_URI} filepack.superbr.org [NC,OR]#CHECK FOR COMMON STRINGS IN QUERY :RewriteCond %{QUERY_STRING} highlight=%2527    [NC,OR]RewriteCond %{QUERY_STRING} rush=([^&]+)        [NC]#IF MATCHED, SEND VISITOR TO THEIR OWN LOOPBACK ADDRESS:RewriteRule ^.*$ http://127.0.0.1 [L]

Filters all Santy attacks by redirecting them to localhost :D

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept