technoratica » Apache http://gavin.mclelland.ca The personal blog of a Stealth Mode CEO Thu, 10 Dec 2009 19:55:17 +0000 en hourly 1 http://wordpress.org/?v=3.0 .HTACCESS PCFG_OPENFILE: UNABLE TO CHECK HTACCESS FILE, ENSURE IT IS READABLE http://gavin.mclelland.ca/2009/12/10/htaccess-pcfg_openfile-unable-to-check-htaccess-file-ensure-it-is-readable/ http://gavin.mclelland.ca/2009/12/10/htaccess-pcfg_openfile-unable-to-check-htaccess-file-ensure-it-is-readable/#comments Thu, 10 Dec 2009 19:16:26 +0000 gavin.mclelland http://gavin.mclelland.ca/?p=57 If your running across this error in your error logs, there may be a simple solution for you.

This 403 error is usually caused by having AllowOverride set to All.

You can either fix this by Chmod’ding all your files to 644 (not very elegant) or paste the following into your apache conf file, replacing your “AllowOverride all” rule:

AllowOverride none
Order deny,allow
Allow from none

Just a quick tip, but hope this can save you some time!

]]> http://gavin.mclelland.ca/2009/12/10/htaccess-pcfg_openfile-unable-to-check-htaccess-file-ensure-it-is-readable/feed/ 0 Added SQL Injection attack protection with Rewrite Rules http://gavin.mclelland.ca/2008/06/07/added-sql-injection-attack-protection-with-rewrite-rules/ http://gavin.mclelland.ca/2008/06/07/added-sql-injection-attack-protection-with-rewrite-rules/#comments Sun, 08 Jun 2008 00:50:03 +0000 gavin.mclelland http://gavin.mclelland.ca/2008/06/07/added-sql-injection-attack-protection-with-rewrite-rules/ Sure you can protect against SQL injection attacks at the code layer, but what happens when hackers find something you missed? With Rewrite Rules, using mod_rewrite on apache or ISAPI_Rewrite for IIS, you can add rules to ignore URL based SQL Injection all together. Below is and example of some basic protection you can add.

In ISAPI_Rewrite

RewriteRule .*DECLARE.* /security-violation.htm [I]
RewriteRule .*NVARCHAR.* /security-violation.htm [I]
RewriteRule .*INSERT .* /security-violation.htm [I]
RewriteRule .*INSERT %20.* /security-violation.htm [I]
RewriteRule .* xp_.* /security-violation.htm [I]
RewriteRule .*%20xp_.* /security-violation.htm [I]
RewriteRule .*%20@.* /security-violation.htm [I]
RewriteRule .* @.* /security-violation.htm [I]
RewriteRule .*@%20.* /security-violation.htm [I]
RewriteRule .*@ .* /security-violation.htm [I]
RewriteRule .*';* /security-violation.htm [I]
RewriteRule .*EXEC\(@.* /security-violation.htm [I]
RewriteRule .*sp_password.* /security-violation.htm [I]
RewriteRule /security-violation.htm /security.cfm[I,L]

In mod_rewrite

RewriteRule .*DECLARE.* /security-violation.htm [NC]
RewriteRule .*NVARCHAR.* /security-violation.htm [NC]
RewriteRule .*INSERT .* /security-violation.htm [NC]
RewriteRule .*INSERT %20.* /security-violation.htm [NC]
RewriteRule .* xp_.* /security-violation.htm [NC]
RewriteRule .*%20xp_.* /security-violation.htm [NC]
RewriteRule .*%20@.* /security-violation.htm [NC]
RewriteRule .* @.* /security-violation.htm [NC]
RewriteRule .*@%20.* /security-violation.htm [NC]
RewriteRule .*@ .* /security-violation.htm [NC]
RewriteRule .*';* /security-violation.htm [NC]
RewriteRule .*EXEC\(@.* /security-violation.htm [NC]
RewriteRule .*sp_password.* /security-violation.htm [NC]
RewriteRule /security-violation.htm /security.cfm[NC,L]

Add security.cfm to your webroot:

<cfoutput>
 
<h1>
HACK ATTEMPT LOGGED FROM IP: #remote_addr# 
</h1>
 
#DateFormat(Now(), "MM-DD-YYYY")# @ #TimeFormat(Now(), "HH:MM:SS")#
 
#script_name#&#query_string#
 
</cfoutput>
 
<cfmail to="Sysadmin" from="Your Website" subject="HACK ATTEMPT FROM IP: #remote_addr#">
 
HACK ATTEMPT RECORDED:
 
#DateFormat(Now(), "MM-DD-YYYY")# @ #TimeFormat(Now(), "HH:MM:SS")#
 
IP: #remote_addr#
 
ATTEMPT:
 
http://#server_name##script_name#&#query_string#
</cfmail>
<cfabort>
]]> http://gavin.mclelland.ca/2008/06/07/added-sql-injection-attack-protection-with-rewrite-rules/feed/ 5