How to block these requests with http:// in the params?

How would I go about blocking requests which try to exploit application
/ php flaws?

One in particular is … of the form
http://www.domain.com/search.php?searchterm=http://217.218.xxx.x/abc.php

I’d like to block all requests which have a param that begins with
http:// (searchterm in the above case).

Can this be done at a server level?

Regards,
Shri

I have a webserver W hosting photos to which I refer from websites A and
B. So, I have the same photos on websites A and B. What I’d like to do is
display one specific photo instead of the current images on website B. Can
this be done with nginx? Thanks in advance.

Posted at Nginx Forum:

On Tue, Nov 24, 2009 at 02:41:04PM +0800, Shri @ DevLib.Org wrote:

How would I go about blocking requests which try to exploit application / php flaws?

One in particular is … of the form http://www.domain.com/search.php?searchterm=http://217.218.xxx.x/abc.php

I’d like to block all requests which have a param that begins with http:// (searchterm in the above case).

Can this be done at a server level?

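 server {

     # reject requests whose searchterm argument begins with http://
     if ($arg_searchterm ~ ^http://) {
         return 403;
     }
 }

or for any parameter name:

 server {

     # reject requests in which any argument value begins with http://
     if ($args ~ =http://) {
         return 403;
     }
 }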


Igor S.
http://sysoev.ru/en/
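The `$args` check in the reply above is a case-sensitive regex applied to the raw query string, before any percent-decoding. The following is an added example, not part of the thread: it replays that check in Python over constructed query strings, next to a stricter pattern. `STRICT_RULE`, `value_is_url` and the sample host names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Rule from the reply: if ($args ~ =http://)
# Case-sensitive, matched against the raw (undecoded) query string.
THREAD_RULE = re.compile(r"=http://")

# Assumed stricter pattern (not from the thread): more schemes, any letter
# case, ':' and '/' accepted literally or percent-encoded. It contains no
# braces, so the same expression can follow nginx's ~* operator unquoted.
STRICT_RULE = re.compile(r"(^|&)[^=&]*=(https?|ftp)(:|%3a)(/|%2f)(/|%2f)", re.I)

def blocked_by_thread_rule(args: str) -> bool:
    return THREAD_RULE.search(args) is not None

def blocked_by_strict_rule(args: str) -> bool:
    return STRICT_RULE.search(args) is not None

def value_is_url(args: str) -> bool:
    """Reference answer: decode each value once, then test how it begins."""
    for pair in args.split("&"):
        _, _, value = pair.partition("=")
        if re.match(r"(https?|ftp)://", unquote(value), re.I):
            return True
    return False

# Constructed query strings; host.example is a reserved documentation name.
SAMPLES = [
    "searchterm=nginx+rewrite",
    "searchterm=http://host.example/abc.php",
    "searchterm=HTTP://host.example/abc.php",
    "searchterm=http%3A%2F%2Fhost.example%2Fabc.php",
    "page=2&searchterm=https://host.example/abc.php",
]

def evaluate(samples=SAMPLES):
    """Map each query string to (thread rule, strict rule, reference)."""
    return {s: (blocked_by_thread_rule(s), blocked_by_strict_rule(s),
                value_is_url(s)) for s in samples}

if __name__ == "__main__":
    for args, (thread, strict, ref) in evaluate().items():
        print(f"thread={thread!s:5} strict={strict!s:5} url={ref!s:5} {args}")
```

Rows where the first and third columns differ are requests the `=http://` rule lets through even though the parameter value is a URL once decoded.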

Thanks Igor, was not aware of the args variable.

Regards,
Shri

----- Original Message -----
From: “Igor S.” [email protected]
To: [email protected]
Sent: Tuesday, November 24, 2009 4:12 PM
Subject: Re: How to block these requests with http:// in the params?