Welcome! Log In Create A New Profile

Advanced

Content Spoofing vulnerability

August 11, 2017 02:47AM
Hi Guys,

We have multiple webservers behind Nginx Reverse Proxy and at one of the server we have discovered Content spoofing, the vulnerability is patched on Apache but also needs to be patchef on Nginx server.

I googled a lot but unable to find a relevant information. Can someone please suggest the way to mitigate the same on Nginx?

here is the Apache remediation

RewriteEngine on
RewriteCond %{HTTP_HOST} !^abc\.biz
RewriteCond %{HTTP_HOST} !^www\.abc\.biz
RewriteRule ^(.*)$ - [L,R=404]
ErrorDocument 404 "Page Not Found"

RewriteCond %{THE_REQUEST} !^[A-Z]{3,9}\ [a-zA-Z0-9\.\+_/\-\?\=\&\%&\,]+\ HTTP/
#RewriteRule .* - [F,NS,L]
RewriteRule ^(.*)$ - [L,R=404]
ErrorDocument 404 "Page Not Found"
Subject Author Posted

Content Spoofing vulnerability

blason August 11, 2017 02:47AM

Re: Content Spoofing vulnerability

c0nw0nk August 11, 2017 10:11AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 124
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 254 on July 05, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready