gif,jpg,cssへのアクセスをログに記録しない
SetEnvIf Request_URI ".(gif)|(jpg)|(css)$" nolog
wormからのアクセスをログに記録しない対策)
SetEnvIf Request_URI "cmd.exe" nolog
SetEnvIf Request_URI "root.exe" nolog
SetEnvIf Request_URI "Admin.dll" nolog
SetEnvIf Request_URI "NULL.IDA" nolog
SetEnvIf Request_URI "^/_mem_bin/" nolog
SetEnvIf Request_URI "^/_vti_bin/" nolog
SetEnvIf Request_URI "^/c/" nolog
SetEnvIf Request_URI "^/d/" nolog
SetEnvIf Request_URI "^/msadc/" nolog
SetEnvIf Request_URI "^/MSADC/" nolog
SetEnvIf Request_URI "^/scripts/" nolog
SetEnvIf Request_URI "^/default.ida" nolog
WebDAVの脆弱性を狙った攻撃への対策
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
↓
LogFormat "%h %l %u %t "%!414r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
CustomLog logs/access_log combined
↓
CustomLog logs/access_log combined env=!nolog ← env=!nologを追記
SetEnvIf Request_URI ".(gif)|(jpg)|(css)$" nolog
wormからのアクセスをログに記録しない対策)
SetEnvIf Request_URI "cmd.exe" nolog
SetEnvIf Request_URI "root.exe" nolog
SetEnvIf Request_URI "Admin.dll" nolog
SetEnvIf Request_URI "NULL.IDA" nolog
SetEnvIf Request_URI "^/_mem_bin/" nolog
SetEnvIf Request_URI "^/_vti_bin/" nolog
SetEnvIf Request_URI "^/c/" nolog
SetEnvIf Request_URI "^/d/" nolog
SetEnvIf Request_URI "^/msadc/" nolog
SetEnvIf Request_URI "^/MSADC/" nolog
SetEnvIf Request_URI "^/scripts/" nolog
SetEnvIf Request_URI "^/default.ida" nolog
WebDAVの脆弱性を狙った攻撃への対策
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
↓
LogFormat "%h %l %u %t "%!414r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
CustomLog logs/access_log combined
↓
CustomLog logs/access_log combined env=!nolog ← env=!nologを追記