Live Chat Software by Kayako |
Jan 7 |
Critical issue is fixed in PHP 5.3.5 and 5.2.17 (32-bit systems)
Posted by Esvon Support on 07 January 2011 05:36 PM
|
Hi there, Referring to: http://bugs.php.net/53632 PHP 5.3.5 and 5.2.17 were released quickly to address critical bug discovered on 30/12/2010, looks like the earlier PHP versions on 32-bit systems are vulnerable to simple Denial of Service attack by remote user which will bring your server to its knees (exhaust server's CPU resources). Solution: install patch or the latest PHP version (we recommend 5.2.17 for compatibility's sake). As the temporary solution you can use the following mod_security rule: SecRule QUERY_STRING "\d+e\-\d+" "phase:2,deny,status:403" Sincere wishes to 100% uptime of your websites ------ The Esvon Team | |
Comments (0)