'Apache Rewrite Condition for Query String
I think someone trying to put some load on my website or hack, which I would like to stop. If you see below url there is a text as "<svg/class="elliot"onLoad=alert(document.domain)>" so my aim is to block if there's such query string appended.
xyz.com/nz?uid=56095fdd427-f35b-baedfdfdfd4-8bfdf22f2bc417f"><svg/class="elliot"onLoad=alert(document.domain)>
This appears to be some kind of Cross Site Scripting(XSS). But I already have blocked XSS attack with 'Header always set X-XSS-Protection "1; mode=block"' in my apache configuration. I'm not exactly sure whether this attack falls under XSS but this config is not working.
I have tried few ways before raising this request but it didn't help. Could you help me here?
Thank you
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|