Yermek2015-12-03 13:55:31
Apache HTTP Server
Yermek, 2015-12-03 13:55:31

[Apache error AH00126. Invalid URI in request GET / HTTP/1.1] How to find the reason?

Good afternoon everyone!
I have a website here on my home server that looks at the Internet (the server itself is behind a router on which port forwarding is configured)
. The server has Ubunu Server OS installed.
Raised LAMP server
Two virtual hosts are spinning on the server.
Their parameters from .conf files

<VirtualHost *:80>
    ServerName xxxxxx.xx
    DocumentRoot /var/www/xxxxxx.xx/public_html
    <Directory /var/www/xxxxxx.xx/public_html>
        AllowOverride All

I wrote a script here that rummaged through the FS and gave the user either a directory listing or a header for downloading a file.
Reading here about site vulnerabilities and came across the ability to view ALL fs by adding strings like "../" to the request.
Of course, I decided to check on my script.
Of course the script is susceptible to this vulnerability.
I decided to rewrite the script, but for now I decided to play with the address bar. Added the combination mentioned above to the request parameter. Moreover, I did not bother with the length and inserted different lines of the form "../../../../../../../../../../" The script displayed the contents of the root.
I calmed down and went to rewrite my script
Rewrote, if interested, completely the scheme. Now, when scanning a directory, the presence of a link to a file in the database is checked, if not, it is added. These file IDs are passed to the user in the list. When a file is requested by id, the DB-File is reverse-matched and the result is returned to the user. The file is the title of the download, the directory is its contents

The script was rewritten on a laptop, and everything was perfectly tested on it.
When I marked up the script on my server, I saw an error message 400 (Bad Request). The Apache log contains the following lines:

[Thu Dec 03 15:44:01.944696 2015] [core:error] [pid 2001] [client] AH00126: Invalid URI in request GET / HTTP/1.1
[Thu Dec 03 15:46:42.909538 2015] [core:error] [pid 2474] [client] AH00126: Invalid URI in request GET /index.php HTTP/1.1
[Thu Dec 03 15:46:48.329383 2015] [core:error] [pid 2475 ] [client] AH00126: Invalid URI in request GET /fs/ HTTP/1.1

those. the server responds to completely legitimate requests with an error
. And only the virtual host where I played with the address bar was blocked. Both localshot and the second virtual host work fine.
As I understand it, some kind of security module worked somewhere.
As far as I understand, moc_sucurety is not running for me. I obviously did not run it, and there are no options in the .config files. This parameter was searched through mc by the mask of the .config file (and * too) to the securety line in the /etc/apache2 folder.
Can you please tell me how to revive my host? Where to dig, and what to look?
Is there a way to reset this error flag?

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question