BadBlue Security - Frequently Asked Questions
How can I protect myself against new security exploits?
All versions of BadBlue now support Soft Firewall technology.
Because no system is impervious to attack, BadBlue allows you to
specify protection statements in the configuration file. These
statements can filter out exploits as they are discovered, allowing
you to protect yourself immediately.
How do I configure a protection statement?
You can control server protection by modifying the EXT.INI file in the
BadBlue directory. Simply add the following lines to the bottom
of the EXT.INI file (remember, if the [SERVICES] line already exists in
the file, add the protection statements - the lines beginning with the
word exploit - in the existing services section):
[SERVICES]
exploit1=@@@@@@@@@,@@@@@@@@@
exploit2=$REBOOT$,
Note: these protection statements are examples (they are not
needed in your EXT.INI file; they are used for purposes of illustration
only). These statements would shield the server from attacks such as:
http://myDNSname.com/@@@@@@@@@.htm
http://myDNSname.com/index.htm?query=@@@@@@@@@
http://myDNSname.com/$REBOOT$
Protection statements take the form:
exploit#=[URL-pattern],[Query-string-pattern]
The # signifies the unique exploit number (1 to n, which you assign
yourself). URL-pattern specifies the string which - if found in the
URL - will be removed before the server processes it. Query-string-pattern
indicates the string which - if found in the query string - will be removed
before the server processes it. A query string is the portion of a complete
request that occurs after the ? character in an HTTP GET request.
Protection statements can specify URL-pattern, Query-string-pattern, or both.
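The statement form above can be checked before it is deployed. The following Python sketch is an added example, not BadBlue code: it parses exploit# lines from a [SERVICES] section and previews how a request would look after the patterns are removed. The function names, the split at the first comma, and case-sensitive single-pass removal are assumptions; the FAQ does not specify them.

```python
# Added example, not BadBlue code. Models the documented statement form
#   exploit#=[URL-pattern],[Query-string-pattern]
import re

# Constructed sample EXT.INI content, using the FAQ's two example statements.
SAMPLE_EXT_INI = """\
[SERVICES]
exploit1=@@@@@@@@@,@@@@@@@@@
exploit2=$REBOOT$,
"""

STATEMENT = re.compile(r"^exploit(\d+)=(.*)$", re.IGNORECASE)

def parse_statements(ini_text):
    """Return {number: (url_pattern, query_pattern)} from the [SERVICES] section."""
    rules, section = {}, None
    for raw in ini_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].upper()
            continue
        m = STATEMENT.match(line)
        if section != "SERVICES" or not m:
            continue
        number = int(m.group(1))
        # Assumption: the first comma separates the two patterns.
        url_pat, _, query_pat = m.group(2).partition(",")
        if number in rules:
            raise ValueError(f"exploit{number} is defined twice")
        if not url_pat and not query_pat:
            raise ValueError(f"exploit{number} has no pattern")
        rules[number] = (url_pat, query_pat)
    return rules

def preview(request, rules):
    """Return the request as it would look after the patterns are removed."""
    # The query string is everything after the first '?'.
    url, sep, query = request.partition("?")
    for url_pat, query_pat in rules.values():
        # Assumption: case-sensitive, single-pass substring removal.
        if url_pat:
            url = url.replace(url_pat, "")
        if query_pat:
            query = query.replace(query_pat, "")
    return url + sep + query

if __name__ == "__main__":
    rules = parse_statements(SAMPLE_EXT_INI)
    for req in ("/@@@@@@@@@.htm", "/index.htm?query=@@@@@@@@@", "/$REBOOT$"):
        print(req, "->", preview(req, rules))
```

Running the preview against normal site URLs as well shows whether a pattern would also strip text from legitimate requests.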