Permalink
Browse files

Fix for CVE-2011-3192 Apache DOS

  • Loading branch information...
1 parent 9bceff4 commit dda52876c15ef45757aee298721efe1001af0037 Some Random GlobaLeaks contributors committed Aug 26, 2011
Showing with 10 additions and 0 deletions.
  1. +10 −0 apache/tor
View
@@ -8,6 +8,11 @@ NameVirtualHost *:80
ServerAlias *.tor2web.com
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1
+
+# Fix for CVE-2011-3192 Apache DOS
+ SetEnvIf Range (,.*?){5,} bad-range=1
+ RequestHeader unset Range env=bad-range
+
</VirtualHost>
@@ -35,6 +40,11 @@ NameVirtualHost *:80
SSLCertificateFile /etc/ssl/certs/tor2web.pem
SSLCertificateKeyFile /etc/ssl/private/tor2web.key
+# Fix for CVE-2011-3192 Apache DOS
+ SetEnvIf Range (,.*?){5,} bad-range=1
+ RequestHeader unset Range env=bad-range
+
+
RewriteEngine On
# NEW CONFIGURATION

0 comments on commit dda5287

Please sign in to comment.