ModSecurity

2014-09-28

Shellshockã®æ”»æ’ƒã‚’ModSecurityã§é˜²ã

ä»Šå›žã®Shellshockå•é¡Œã®å¯¾ç–ã¨ã—ã¦ã¯æ™®é€šã«bashã®ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆã§è‰¯ã„ã®ã ã‘ã©ã‚‚ã€RedHatã«ModSecurityã§é˜²ãæ–¹æ³•ãŒè¼‰ã£ã¦ã„ãŸã€‚ The following mod_security rules can be used to reject HTTP requests containing data that may be interpreted by Bash asâ€¦

ã¦ãã¨ã†ãªãƒ¡ãƒ¢

æœ¬ã®æ„Ÿæƒ³ã¨ã‹æŠ€è¡“ãƒ¡ãƒ¢ã¨ã‹

ModSecurity

Shellshockã®æ”»æ’ƒã‚’ModSecurityã§é˜²ã

Shellshockã®æ”»æ’ƒã‚’ModSecurityã§é˜²ã

Shellshockã®æ”»æ’ƒã‚’ModSecurityã§é˜²ã