{"blog_url":"https://boscono.hatenablog.com/","image_url":null,"published":"2014-09-28 12:00:08","provider_url":"https://hatena.blog","provider_name":"Hatena Blog","author_name":"boscono","title":"Shellshock\u306e\u653b\u6483\u3092ModSecurity\u3067\u9632\u3050","blog_title":"\u3066\u304d\u3068\u3046\u306a\u30e1\u30e2","description":"\u4eca\u56de\u306eShellshock\u554f\u984c\u306e\u5bfe\u7b56\u3068\u3057\u3066\u306f\u666e\u901a\u306bbash\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u826f\u3044\u306e\u3060\u3051\u3069\u3082\u3001RedHat\u306bModSecurity\u3067\u9632\u3050\u65b9\u6cd5\u304c\u8f09\u3063\u3066\u3044\u305f\u3002 The following mod_security rules can be used to reject HTTP requests containing data that may be interpreted by Bash as a function definition if set in its environment. They can be used to block attacks against web services,\u2026","type":"rich","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fboscono.hatenablog.com%2Fentry%2F2014%2F09%2F28%2F120008\" title=\"Shellshock\u306e\u653b\u6483\u3092ModSecurity\u3067\u9632\u3050 - \u3066\u304d\u3068\u3046\u306a\u30e1\u30e2\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","width":"100%","version":"1.0","categories":["Bash","Security","ModSecurity","Shell"],"url":"https://boscono.hatenablog.com/entry/2014/09/28/120008","height":"190","author_url":"https://blog.hatena.ne.jp/boscono/"}