500 errors after a 403 error
1 post
• Page 1 of 1
500 errors after a 403 error
We have been experiencing a strange problem with Helicon Ape on Win2K12R2.
Whenever a RedirectMatch 403 rule is triggered on a site then *ALL* subsequent requests to that site (valid or not) will result in 500 errors for a period of exactly 300 seconds, after which the site in IIS starts serving normal 200 responses again. Disabling all entries from the .htaccess of course resolves the issue but defeats the purpose of having Helicon Ape in the first place.
An example .htaccess would be:
<IfModule mod_alias.c>
RedirectMatch 403 (?i)([a-z0-9]{2000})
RedirectMatch 403 (?i)(https?|ftp|php):/
RedirectMatch 403 (?i)(base64_encode)(.*)(\()
RedirectMatch 403 (?i)(=\'|=\%27|/\'/?)\.
RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&?)/?$
RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\"\\")
RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\|\s|\{|\}|\[|\]|\|)
RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
</IfModule>
Anyone know a fix for resolving 300 seconds of HTTP 500 errors after a RedirectMatch 403 is triggered?
Whenever a RedirectMatch 403 rule is triggered on a site then *ALL* subsequent requests to that site (valid or not) will result in 500 errors for a period of exactly 300 seconds, after which the site in IIS starts serving normal 200 responses again. Disabling all entries from the .htaccess of course resolves the issue but defeats the purpose of having Helicon Ape in the first place.
An example .htaccess would be:
<IfModule mod_alias.c>
RedirectMatch 403 (?i)([a-z0-9]{2000})
RedirectMatch 403 (?i)(https?|ftp|php):/
RedirectMatch 403 (?i)(base64_encode)(.*)(\()
RedirectMatch 403 (?i)(=\'|=\%27|/\'/?)\.
RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&?)/?$
RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\"\\")
RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\|\s|\{|\}|\[|\]|\|)
RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
</IfModule>
Anyone know a fix for resolving 300 seconds of HTTP 500 errors after a RedirectMatch 403 is triggered?
1 post
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 8 guests