Apache dDoS “killapache” Sends Malformed GET Requests

There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.



There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code


# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.


You May Also Like

Run Windows Applications within Ubuntu

I ran into this article about how you can seamlessly run Windows Applications from within Ubunutu. The author is using VMware, rdesktop (apt-get install rdesktop), and Seamless RDP. http://hehe2.net/thedarkside/microsoft/run-windows-apps-100-seamlessly-on-ubuntu/

Setting up daily, weekly and monthly MySQL Database Backups using AutoMySQLBackup

AutoMySQLBackup is a shell script that allows daily, weekly and monthly backups of your local and remote MySQL Databases. It's meant to run on Linux/Unix through a cron job. Its highly configurable, and easy to setup as I will show you today! First you will need to acquire the shell script and drop it on your server. You can download AutoMySQLBackup on their SourceForge Project Page