Bugtraq mailing list archives

Re: Fw: Bilbao Method Exposed

From: Mark J Cox <mark () awe com>
Date: Tue, 16 Mar 2004 20:03:38 +0000 (GMT)

- English Version: http://www.kernelpanik.org/docs/kernelpanik/bme.eng.pdf
- Spanish Version: http://www.kernelpanik.org/docs/kernelpanik/bme.esp.pdf

This paper explains a brief form to avoid .htaccess authentification in
Apache, configured according to criteria of multiple references.


http://httpd.apache.org/docs-2.0/mod/core.html#limit states "A
<LimitExcept> section should always be used in preference to a <Limit>
section when restricting access, since a <LimitExcept> section provides
protection against arbitrary methods."

See also http://www.apacheweek.com/issues/99-02-12#status

Mark
--
Mark J Cox ........................................... www.awe.com/mark
Apache Software Foundation ..... OpenSSL Group ..... Apache Week editor

Current thread:

Fw: Bilbao Method Exposed FraMe (Mar 16)
- <Possible follow-ups>
- Re: Fw: Bilbao Method Exposed Mark J Cox (Mar 16)