Vulnerability Development mailing list archives
Re: CGI source being exposed using "~"
From: crlf () SYMPATICO CA (Mike Waychison)
Date: Tue, 9 May 2000 04:56:22 -0400
<Files ~ "\~$"> Order allow,deny Deny from all </Files> is what you are looking for Mike Waychison
Andrew Reisse said: <On my servers, I put a section like this in httpd.conf to prevent editor <backups from being read (which, as you said, might contain passwords or <other interesting data) <Files ~ "^\~"> Order allow,deny Deny from all </Files> I have tried adding that to a couple of apache servers with no luck. The source is still being displayed. as suggested by a friend i even tried: <Files ~ "^\.cgi.$"> Order allow,deny Deny from all </Files> for blocking files like cgi.text and cgi.bak. I still got the same results. is there something im missing? Thanks in advance Brian
Current thread:
- Re: AIM bug or feature, (continued)
- Re: AIM bug or feature Justin Lintz (May 10)
- Re: AIM bug or feature White Vampire (May 10)
- really fast data Ogrodnek, Larry (May 10)
- Re: Alternative ways of IP spoofing? Doru Petrescu (May 10)
- AIM & VPN jeff D (May 10)
- Re: AIM & VPN Jeremy Gaddis (May 10)
- Re: AIM & VPN Bluefish (May 11)
- Re: AIM & VPN Matthew S. Hallacy (May 12)
- Norton Internet Security 2000 Jon Alabot (May 10)
- Re: CGI source being exposed using "~" Jason Legate (May 09)