Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

HTTP Response Splitting Attack

Discussion in 'Security' started by helper, Nov 19, 2009.

  1. helper

    helper Member

    Joined:
    Sep 27, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    51
    I have just been a recent recipient of an HTTP Splitting Attack. Has anybody else had this issue and what did you do to stop future attacks?

    Thanks in advance!
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    8
    Trophy Points:
    193
    Actually there is a great many thing that can be done ....

    You will want to URL Encode any strings before they are passed
    to headers when used in scripts

    May need to install Mod_Security or adjust your rules

    Setting up SuHosin can be helpful for PHP if you don't have it already

    There is also patches you can make to Apache that will pre-filter requests

    I'd be glad to give you a hand with this and I should be online most of day today except for a few dips out for lunch and coffee, etc
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice