Apache Vulnerability Patch

From Wiki

(Difference between revisions)
Jump to: navigation, search
Line 6: Line 6:
  <nowiki>rpm -Uvh http://sw.1h.com/centos/1h-repository.noarch.rpm</nowiki>
  <nowiki>rpm -Uvh http://sw.1h.com/centos/1h-repository.noarch.rpm</nowiki>
-
Once installed you can use yum to load mod_range limit for your server. Use the corresponding package version for your Apache web server:
+
Once installed you can use yum to load mod_rangelimit for your server. Use the corresponding package version for your Apache web server:
yum install mod_rangelimit-ap13
yum install mod_rangelimit-ap13

Revision as of 13:48, 28 September 2011

The Apache Foundation already released a patch for the recently reported DoS vulnerability with Apache 2.2.21 and if you want to protect your web server from the exploit, you should upgrade your web server to the latest Apache 2.2.21.

Servers running Apache 1.3, 2.0 and 2.2.20 or older though are still vulnerable to this exploit which is why we released an open source module that applies the security patch for those Apache versions. The module is called mod_rangelimit and implements all the fixes in Apache 2.2.21 so if you're unable to upgrade immediately, it will come handy and will save you a lot of potential troubles with the nasty vulnerability. The module is available in 1H repository which can be installed by running:

rpm -Uvh http://sw.1h.com/centos/1h-repository.noarch.rpm

Once installed you can use yum to load mod_rangelimit for your server. Use the corresponding package version for your Apache web server:

yum install mod_rangelimit-ap13

yum install mod_rangelimit-ap20

yum install mod_rangelimit-ap22

IMPORTANT NOTE

1H software products are secure and protected from this or similar vulnerabilities. The patch mentioned above was released to help people running older versions of Apache easily protect their servers from this vulnerability.

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox