|
|||
relayd block bad request
Hi, all
With relayd, how can I block this request : Code:
/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> Code:
/?XDEBUG_SESSION_START=phpstorm
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 Last edited by CiotBSD; 6th May 2020 at 12:49 PM. |
|
|||
NO, this pass.
I attempt too, with block query or block path without any success! Even, as: Code:
block query "XDEBUG_SESSION_START" value "phpstorm" label "blocked" block request query "*" value "*" label "blocked" Why I attempt? Because, I delivery only static; and to try if possible.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 |
|
|||
OK, tonight, I found how to do:
Code:
block quick query "a" value "fetch" label '<em>Blocked!</em>' block quick query "XDEBUG_SESSION_START" label '<em>Blocked!</em>' ---- How can I block all methods other than GET, HEAD?! Do I specify block method for all of them?
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 Last edited by CiotBSD; 14th May 2020 at 11:35 PM. |
|
|||
Something like this:
Code:
http protocol getonly { return error pass quick method GET block label "Forbidden Method" } |
Tags |
bad, block, relayd, request |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Understanding relayd | sleepyjoe | OpenBSD Security | 2 | 26th April 2020 05:30 AM |
relayd which interface? | calanon | OpenBSD General | 3 | 5th November 2019 07:45 PM |
Relayd as a HTTPS client | e1-531g | OpenBSD Security | 4 | 11th January 2016 07:11 PM |
relayd | gpatrick | OpenBSD General | 0 | 8th May 2012 10:10 PM |
relayd | gpatrick | OpenBSD General | 1 | 16th January 2010 12:19 AM |