On Thu, 25 Aug 2011, Always Learning wrote:
To: CentOS mailing list centos@centos.org From: Always Learning centos@u61.u22.net Subject: Re: [CentOS] Apache warns Web server admins of DoS attack tool
On Thu, 2011-08-25 at 13:31 -0700, Kenneth Porter wrote:
--On Thursday, August 25, 2011 9:09 PM +0100 Always Learning centos@u61.u22.net wrote:
The temporary fix is shown on several web sites as this, shown below, added to Apache's conf file:-
I try to minimize changes to main files. Presumably putting that code in a separate file (eg. conf.d/RangeVulnerabilityWorkaround.conf) should work equally well?
I have a different set-up but I believe your suggestion should work.
I have broken-up the very large conf file (/etc/httpd/conf/httpd.conf) into 3 main parts. Part 1 is left in situ. Parts 2 and 3 are located elsewhere.
#-------------- Section 2: 'Main' server configuration -------------
Include /data/config/apache/server.conf
#--------------- Section 3: Virtual Hosts -------------------------
include /data/config/apache/domain.*
#----------------------------------------------------------------------
I've done something similar with the modules section, as that what appears to change the most between the default httpd.conf files :)
#----------------------------------------------------------- # Dynamic Shared Object (DSO) Support Include conf/dso-modules
# The php install script will look in this file # for 'LoadModule' directives. # # To keep the php installer happy, we load the libphp5.so # module here, in this file.
# LoadModule foo_module modules/mod_foo.so # LoadModule php5_module modules/libphp5.so LoadModule php5_module modules/libphp5.so
#-----------------------------------------------------------
Kind Regards,
Keith Roberts
----------------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk
All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------------