Knowledgebase
Portal Home > Knowledgebase > Articles Database > Modsec and X-Flash :(
Modsec and X-Flash :(
Posted by VIETHOSTING, 08-08-2008, 05:50 PM Hi, Is there anyone know how to use Modsec to block refer from .swf file like: X-flash DDOS. Example: Domain: xyz.com X-flash site: http://attack.com/ddos.swf On cpanel xyz.com we can see in List Last Visit many ip and refer with post and get from http://attack.com/ddos.swf file. How can we use modsec block request like this ? P/S: sorry my english not well
Posted by TheITAdvisory, 08-08-2008, 11:11 PM Were all of the IP's the same?
Posted by VIETHOSTING, 08-09-2008, 05:35 AM None, they re not the same. This type attack using visitor from a site and refer these ips to victim site with many post or get request.
Posted by TheITAdvisory, 08-09-2008, 11:18 AM I see, and the referrer is the attacker site? If you look at the http header packets, if the referrer is the attackers website, just block their website in a .htaccess
Add to Favourites Print this Article
Also Read