Optionsbleed – mod_security

Published by Matt Clemons on

It’s easy to stop Optionsbleed with mod_security, unless you need HTTP OPTIONS on your web server.  If you’re using CRS, you can uncomment rule number 900200 in crs-setup.conf.  The idea here is to only allow what needs to be allowed, and drop everything else.  Of course, if you’re not using limits, it may not be a problem.

SecAction \
"id:900200,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:'tx.allowed_methods=GET HEAD POST'"

 

Categories: Security

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Security

Threathunting with Elasticsearch

All kinds of interesting information can be found using the Elasticsearch API. https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html I find it easier than using Kibana, but Kibana was necessary to figure out the query language. Using the same queries, you Read more…

Hardware

Cisco router CA server

Easy way to create a CA server for testing purposes.

Linux

Cleared SAA-C02

I started with acloud.guru AWS Certified Solutions Architect Associate course. https://acloudguru.com/course/aws-certified-solutions-architect-associate-saa-c02 If you get the pro subscription, you get access to labs without having to create your own AWS accounts. I think it’s 50 bucks Read more…