Apache equiv of IIS's URLScan
Hi:
This is something perhaps for the Dathorn tech's to think about deploying.
In my past I spent a lot of time (4 years or so) running IIS sites in corporate environments.
Aside from all the general wonderfulness and efficiency of IIS compared to Apache (trust me!), one of the tools I installed on all the sites I ran was a wonderful tool from MS called URLScan.
URLScan sat in front of IIS and filtered URL requests before they were acted upon by IIS, and it acted upon user configurable rules - eg was the request too long, did it contain invalid characters, did it match a particular and known exploit pattern etc. URLScan beautifully blocked a hell of a lot of crap from ever reaching the web server - eg all the Code Red stuff, common WebDav exploits etc, as well as simply a lot of mal-formed URLs. It also made it very easy to mask server headers etc too, if that was of interest to you.
I have been looking for a similar tool for Apache for a while, for some personal non Dathorn sites, and finally stumbled across one:
The techs at Dathorn might like to look into this. It might solve a few problems around the place at Dathorn.
(Of course, depending how you configure it, it might also CAUSE a few problems too. Some testing will be required and your mileage may vary etc etc).
cheers
This is something perhaps for the Dathorn tech's to think about deploying.
In my past I spent a lot of time (4 years or so) running IIS sites in corporate environments.
Aside from all the general wonderfulness and efficiency of IIS compared to Apache (trust me!), one of the tools I installed on all the sites I ran was a wonderful tool from MS called URLScan.
URLScan sat in front of IIS and filtered URL requests before they were acted upon by IIS, and it acted upon user configurable rules - eg was the request too long, did it contain invalid characters, did it match a particular and known exploit pattern etc. URLScan beautifully blocked a hell of a lot of crap from ever reaching the web server - eg all the Code Red stuff, common WebDav exploits etc, as well as simply a lot of mal-formed URLs. It also made it very easy to mask server headers etc too, if that was of interest to you.
I have been looking for a similar tool for Apache for a while, for some personal non Dathorn sites, and finally stumbled across one:
The techs at Dathorn might like to look into this. It might solve a few problems around the place at Dathorn.
(Of course, depending how you configure it, it might also CAUSE a few problems too. Some testing will be required and your mileage may vary etc etc).
cheers