Reject requests with status 403
SecFilterEngine On # Reject requests with status 403 SecFilterDefaultAction "deny, log, status:403" # Some defaults SecFilterScanPOST On SecFilterCheckURLEncoding On SecFilterCheckUnicodeEncoding Off # Accept almost all byte values SecFilterForceByteRange 1 255 SecUploadDir /tmp SecUploadKeepFiles Off # Only accept request encoding we know how to handle # we exclude GET requests from this because some (automated) # client supply # "text/html" as Content-Type SecFilterSelective REQUEST_METHOD "!^(GET | HEAD) $" chain SecFilterSelective HTTP_Content-Type \ "!(^applicatin/x-www-form-urlencoded$ | ^multipart/form-data;)" # Do not accept GET or HEAD requests with bodies SecFilterSelective REQUEST_METHOD "^(GET | HEAD)$" chain SecFilterSelective HTTP_Content-Length "!^$" # Require Content-Length to be provided with every POST request SecFilterSelective REQUEST_METHOD "^POST$" chain SecFilterSelective HTTP_Content-Length "^$" # Don’t accept transfer encodings we know we don’t handle SecFilterSelective HTTP_Transfer-Encoding "!^$" |
Пример 11.1. |
Закрыть окно |