How to block malformed cookies?
2 posts
• Page 1 of 1
How to block malformed cookies?
Hello,
Can you help me create a rule that will block requests that have malformed cookies?
I would like to block requests with malformed cookies with no key, example:
HTTP_COOKIE:=true;
If possible, I would also be able to block requests with cookies with no keys if there are multiple cookies, example:
HTTP_COOKIE:MyCookie=TC; =true; AnotherCookie=YYl
Can you suggest RewriteCond and RewriteRule expressions?
Many thanks!
JBC
Can you help me create a rule that will block requests that have malformed cookies?
I would like to block requests with malformed cookies with no key, example:
HTTP_COOKIE:=true;
If possible, I would also be able to block requests with cookies with no keys if there are multiple cookies, example:
HTTP_COOKIE:MyCookie=TC; =true; AnotherCookie=YYl
Can you suggest RewriteCond and RewriteRule expressions?
Many thanks!
JBC
Re: How to block malformed cookies?
Hello,
>I would like to block requests with malformed cookies with no key
Please try the following rule:
RewriteCond %{HTTP_COOKIE} ^(.+;)?(\s)?=.+
RewriteRule .? - [F]
>I would like to block requests with malformed cookies with no key
Please try the following rule:
RewriteCond %{HTTP_COOKIE} ^(.+;)?(\s)?=.+
RewriteRule .? - [F]
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 17 guests