Atomic Secure Linux
Post subject: httpoxy issue
Posted: Mon Jul 18, 2016 6:48 pm
Long Time Forum Regular

Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
https://httpoxy.org/#fix-now

I presume ASL has already added the necessary rule.

HOWEVER, what about Plesk, which in one configuration is not protected by ASL?

Plesk 10 (EOL) uses... its own webserver. I forget what. Does anybody know off-hand how/where to add the appropriate configuration directive to block this vulnerability, if it is affected?

_________________
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>

Post subject: Re: httpoxy issue
Posted: Mon Jul 18, 2016 7:48 pm
Atomicorp Staff - Site Admin
Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4082
Location: Chantilly, VA
Yes, we already block nonstandard headers, and for organizations that need a specific alert when this happens we also added a specific rule to alert on these attacks: 330773.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Post subject: Re: httpoxy issue
Posted: Tue Jul 19, 2016 7:14 am
Forum Regular
Joined: Tue Aug 01, 2006 2:45 pm
Posts: 573
Location: Netherlands
The Plesk web server is basically Nginx.

You can add

Code:
fastcgi_param  HTTP_PROXY         "";


to /etc/sw-cp-server/fastcgi_params.

Don't forget to reload the new configuration.

Code:
systemctl reload sw-cp-server.service

_________________
Lemonbit Internet Dedicated Server Management
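
An added illustration (not code from the thread or from Plesk/Nginx): the CGI meta-variable rule that turns a client-supplied Proxy request header into HTTP_PROXY, the effect of the fastcgi_param override recommended above, and a small check a defender can run over parsed request headers. The header values are constructed sample data and the hostnames are placeholders.

```python
"""httpoxy in miniature: header-to-environment translation and its fix."""

# Constructed sample request as (name, value) pairs; hosts are placeholders.
SAMPLE_HEADERS = [
    ("Host", "panel.example.invalid"),
    ("User-Agent", "curl/7.47.0"),
    ("Proxy", "http://attacker.invalid:8080"),  # the httpoxy trigger
    ("Accept", "*/*"),
]


def cgi_meta_variables(headers):
    """Translate request headers into CGI HTTP_* meta-variables
    (RFC 3875: upper-case, '-' becomes '_', prefixed with HTTP_).
    This is the step where 'Proxy' collides with HTTP_PROXY."""
    env = {}
    for name, value in headers:
        env["HTTP_" + name.upper().replace("-", "_")] = value
    return env


def harden_env(env, overrides=None):
    """Gateway-side mitigation. fastcgi_param HTTP_PROXY "" makes the
    gateway's own (empty) value win over the client-derived header, so
    the application's HTTP client never sees an attacker proxy. The
    default override reproduces exactly that directive."""
    overrides = overrides if overrides is not None else {"HTTP_PROXY": ""}
    hardened = dict(env)
    hardened.update(overrides)
    return hardened


def proxy_header_present(headers):
    """Detection helper: True when a request carries a Proxy header.
    It has no legitimate meaning in a request, so it is worth alerting on
    (the thread mentions ASL rule 330773 for this purpose)."""
    return any(name.lower() == "proxy" for name, _ in headers)


if __name__ == "__main__":
    raw = cgi_meta_variables(SAMPLE_HEADERS)
    print("unpatched HTTP_PROXY:", raw.get("HTTP_PROXY"))
    print("hardened  HTTP_PROXY:", repr(harden_env(raw).get("HTTP_PROXY")))
    print("Proxy header seen:", proxy_header_present(SAMPLE_HEADERS))
```

The same override approach applies to any gateway that lets you define a parameter that takes precedence over translated request headers; on servers without such a hook, dropping the Proxy header at a WAF in front of the panel (as suggested later in the thread) has the same effect.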
Post subject: Re: httpoxy issue
Posted: Tue Jul 19, 2016 12:17 pm
Long Time Forum Regular
Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
Thanks Nils.

In Plesk 10.x, the fastcgi_params file does not exist (anywhere).

Will creating one do any good? I don't know where the master config is to see if it looks for such a file if it exists.

Post subject: Re: httpoxy issue
Posted: Thu Jul 21, 2016 5:56 am
Forum Regular
Joined: Tue Aug 01, 2006 2:45 pm
Posts: 573
Location: Netherlands
faris wrote:
Thanks Nils.

In Plesk 10.x, the fastcgi_params file does not exist (anywhere).

Will creating one do any good? I don't know where the master config is to see if it looks for such a file if it exists.


No, it will be pointless to create this file.

I don't run any Plesk <12 machines anymore so I wouldn't know how to mitigate this issue in the Plesk web server itself. Placing the Plesk interface behind a web application firewall will probably do the job.
Post subject: Re: httpoxy issue
Posted: Mon Jul 25, 2016 12:04 pm
Long Time Forum Regular
Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
We are now scheduled for September for our big 12.x upgrades :-(

Until then... I never had any success with using Plesk within the ASL WAF due to 10.4.4 oddities (not ASL's fault).
