Security Basics mailing list archives
Re: Insecure handling of Apache restrictions?
From: White Vampire <whitevampire () mindless com>
Date: Tue, 15 Oct 2002 16:27:25 -0400
On Thu, Oct 10, 2002 at 07:23:02PM -0400, Benoît Gauthier(gauthier () circum com) wrote:
I have stumbled over an Apache behaviour I don't understand. Please explain and advise.
<snip> Virtual hosts and user indexes are handled differently according to the applicable rules. If you are specifying a specific directory, there is no reason why its parent directory would be applicable to your security rules unless specified. An alternative is to use .htaccess in the desired directories to apply the login rules. Reference http://httpd.apache.org/'s documentation. It is extensive, and quite well-written. Regards, -- \ | \ / White Vampire\Rem | http://gammaforce.org/ \|\| \/ whitevampire () mindless com | http://gammagear.com/ "Silly hacker, root is for administrators." | http://webfringe.com/
Attachment:
_bin
Description:
Current thread:
- Re: Insecure handling of Apache restrictions? Eimantas V (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- <Possible follow-ups>
- Re: Insecure handling of Apache restrictions? Mike Arnold (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Re[2]: Insecure handling of Apache restrictions? Mike Arnold (Oct 16)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 16)
- Re: Insecure handling of Apache restrictions? Stewart (Oct 17)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 17)