There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.
http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/
There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code
1 2 3 4 5 6 7 | # Drop the Range header when more than 5 ranges. # CVE-2011-3192 SetEnvIf Range (,.*?){5,} bad-range=1 RequestHeader unset Range env=bad-range # optional logging. CustomLog logs/range-CVE-2011-3192.log common env=bad-range |
You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.
Share it now!
Be a fan
Related Posts
August 14, 2011 -- WordPress Permalink Sub-Directory 404 Error Weirdness (0)
April 5, 2013 -- Apache Tomcat Native library Not Found Error on Ubuntu (0)
May 29, 2012 -- WordPress and Protecting Directories with .htaccess (0)
December 22, 2010 -- Looking at Cassandra (DB) and Hiphop (Compiling PHP to Native C) (0)
September 4, 2011 -- Pasword Protected Sub Directories Missing on Index Listing with Apache2 (0)