Threat Post

Apache Fixes Range Header DoS Flaw

There is a new version of the Apache Web Server available that fixes the recently disclosed range header denial-of-service vulnerability. Apache 2.2.20 is was released Tuesday and the new content ...
GitHub

Uses Apache to rewrite headers in a header including currently invalid headers (e.g. those containing underscores).

Problem definition: At the current time (2023) underscores and other characters are not allowed in http headers. Web servers like nginx can transparently pass these invalid headers through using ...
GitHub

securing-apache-http-headers-and-hardening-tips.md

Tagged: apache, httpd, hardening, secure, config, configuration, http, headers, mod_headers, headers_module, HTTPD_ROOT, SERVER_CONFIG_FILE, httpd.conf ...