The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HTTP Response Splitting Attack

Discussion in 'Security' started by helper, Nov 19, 2009.

  1. helper

    helper Member

    Joined:
    Sep 27, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I have just been a recent recipient of an HTTP Splitting Attack. Has anybody else had this issue and what did you do to stop future attacks?

    Thanks in advance!
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Actually there is a great many thing that can be done ....

    You will want to URL Encode any strings before they are passed
    to headers when used in scripts

    May need to install Mod_Security or adjust your rules

    Setting up SuHosin can be helpful for PHP if you don't have it already

    There is also patches you can make to Apache that will pre-filter requests

    I'd be glad to give you a hand with this and I should be online most of day today except for a few dips out for lunch and coffee, etc
     
Loading...

Share This Page