22 Oct
2001
22 Oct
'01
09:39
Hi Mathias! On Sun, 21 Oct 2001, Mathias Homann wrote:
Hi all,
here's a bit of a step-by-step description on how to keep nimda and codered from filling your apache logs.
If filled up logs is the only concern (and not possible vulnerable machines behind firewall) why not: SetEnvIf Request_URI ".ida" no_log=1 SetEnvIf Request_URI ".exe" no_log=1 # add more matches here CustomLog /path/to/logs common env=!no_log that way you avoid matching all the packets to 80 to be matched against the signatures. ciao -- teodor