Thanks mex, I’ll check it out.
> On Apr 1, 2015, at 4:50 PM, mex <nginx-forum@nginx.us> wrote:
>
> hi cole,
>
> if implemetable you couldd use naxsi https://github.com/nbs-system/naxsi
> for this, there exists a rule to detect and block
> shellshock-exploit-attempts:
>
> MainRule "str:() {" "msg:Possible Remote code execution through Bash
> CVE-2014-6271" "mz:BODY|HEADERS" "s:$ATTACK:8" id:42000393 ;
>
> see -> http://spike.nginx-goodies.com/rules/view/42000393
>
> there is also an extended ruleset available
> -> https://bitbucket.org/lazy_dogtown/doxi-rules
>
> cheers,
>
> mex
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx