Security Basics mailing list archives
Re: How to filter .htaccess uploading?
From: "security.xentek" <eric () xentek net>
Date: Fri, 10 Aug 2007 12:00:02 -0400
You could try creating blank .htaccess files and making them immutable: # touch .htaccess # chattr +i .htaccess That way they can't be changed or overwritten, even by root. + eric m. + http://xentek.net + + + + + + + + + + + + + +"Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure or nothing." - Helen Keller
On Aug 10, 2007, at 12:59 AM, Monty Ree wrote:
Hello,list.I heard that some attackers upload malicious .htaccess file using upload program. So I would like to filter ".htaccess" uploading at apache, is there any method? I know that modsecurity will solve this problem.. but I can't use modsecurity yet for some reason.Thanks in advance. _________________________________________________________________MSN Messenger를 통해 온라인상에 있는 친구와 대화를 나누세요. http://www.msn.co.kr/messenger
Current thread:
- How to filter .htaccess uploading? Monty Ree (Aug 10)
- Re: How to filter .htaccess uploading? security.xentek (Aug 10)
- Re: How to filter .htaccess uploading? Colin Bean (Aug 10)