Security Basics mailing list archives
Re: Insecure handling of Apache restrictions?
From: White Vampire <whitevampire () mindless com>
Date: Thu, 17 Oct 2002 14:27:43 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Oct 16, 2002 at 01:59:23PM -0400, Stewart(bdlists () snerk org) wrote:
You could add a statement to your DocumentRoot section like so; RedirectPermanent "/~user" "http://user.blablah.com/"; Which would force browsers to access the page via the 'proper' means, rather than via the back door. Besides; if a user has their own sub-domain, why would they want a tilde site anyways?
As a backup regarding domain and/or DNS issues. It can prove
quite useful, at least it has for me in the past.
It should truly not be that much of an issue. There are a
myriad of approaches for the authentication Apache provides. .htaccess
is a good approach, and the most common method.
Regards,
- --
\ | \ / White Vampire\Rem | http://gammaforce.org/
\|\| \/ whitevampire () mindless com | http://gammagear.com/
"Silly hacker, root is for administrators." | http://webfringe.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)
iD8DBQE9rwEf3+rxmnEDyl8RArHBAJ9qNxcYZRBzq84yvXMMyo3HazIHsQCdEUZl
ZF+faJhiREWQs4SuQ8ektlU=
=OPT3
-----END PGP SIGNATURE-----
Current thread:
- Re: Insecure handling of Apache restrictions? Eimantas V (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- <Possible follow-ups>
- Re: Insecure handling of Apache restrictions? Mike Arnold (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Re[2]: Insecure handling of Apache restrictions? Mike Arnold (Oct 16)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 16)
- Re: Insecure handling of Apache restrictions? Stewart (Oct 17)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 17)