How to avoid the phpBB worm with Apache Rewrite Engine

This solution was suggested by Raymond Dijkxhoorn on BugTraq:

If you cannot fix it (virtual servers) fast for all your clients you could also try with
something like this:

        RewriteEngine On
        RewriteCond %{QUERY_STRING} ^(.*)echr(.*) [OR]
        RewriteCond %{QUERY_STRING} ^(.*)esystem(.*)
        RewriteRule ^.*$                                -               [F]

We had some vhosts where this worked just fine. On our systems we didnt see any valid
request with echr and esystem, just be gentle with it, it works for me, it could work
for you ;)

Interested? Click here to contact us for a free consultation →