HTTP Response Splitting Attack

**helper** · 11-19-2009 07:43 AM

I have just been a recent recipient of an HTTP Splitting Attack. Has anybody else had this issue and what did you do to stop future attacks?

Thanks in advance!

**Spiral** · 11-20-2009 12:11 PM

Actually there is a great many thing that can be done ....

You will want to URL Encode any strings before they are passed
to headers when used in scripts

May need to install Mod_Security or adjust your rules

Setting up SuHosin can be helpful for PHP if you don't have it already

There is also patches you can make to Apache that will pre-filter requests

I'd be glad to give you a hand with this and I should be online most of day today except for a few dips out for lunch and coffee, etc

LinkBack

Thread Tools

HTTP Response Splitting Attack

Splitting Apache Error Log Into Error Types

Splitting /usr and using an empty partition

Extrange http query attack

splitting webspace and emails onto two different servers

HTTPD.CONF Splitting Vhosts