SEARCH attack
Hi,
I hoping somebody can both fill me in on what this SEARCH is all about, and
what I can/should do to stop it:
Every so often I find a very long request in my Apache access logs that
seems to be an attempted SEARCH ("SEARCH /\x90\x02\xb1\x02\xb1\x02\ ...").
1). Is this a security problem (on a Linux server)?
2). If so, how can I stop this? I tried to stop it using a <Limit SEARCH>,
but a configtest told me that "SEARCH" was an undefined or unknown method.
I placed the <Limit SEARCH> within the <Directory /> container as well as
out on it's own in the config file.
3). Is this a Windows platform issue?
4). If so, how can I stop these attempts from filling up my access logs.
All info is greatly appreciated!
Thanks,
Robert
Reply to: