Security Basics mailing list archives
Re: Insecure handling of Apache restrictions?
From: White Vampire <whitevampire () mindless com>
Date: Thu, 17 Oct 2002 14:27:43 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Oct 16, 2002 at 01:59:23PM -0400, Stewart(bdlists () snerk org) wrote:
You could add a statement to your DocumentRoot section like so; RedirectPermanent "/~user" "http://user.blablah.com/" Which would force browsers to access the page via the 'proper' means, rather than via the back door. Besides; if a user has their own sub-domain, why would they want a tilde site anyways?
As a backup regarding domain and/or DNS issues. It can prove quite useful, at least it has for me in the past. It should truly not be that much of an issue. There are a myriad of approaches for the authentication Apache provides. .htaccess is a good approach, and the most common method. Regards, - -- \ | \ / White Vampire\Rem | http://gammaforce.org/ \|\| \/ whitevampire () mindless com | http://gammagear.com/ "Silly hacker, root is for administrators." | http://webfringe.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (GNU/Linux) iD8DBQE9rwEf3+rxmnEDyl8RArHBAJ9qNxcYZRBzq84yvXMMyo3HazIHsQCdEUZl ZF+faJhiREWQs4SuQ8ektlU= =OPT3 -----END PGP SIGNATURE-----
Current thread:
- Re: Insecure handling of Apache restrictions? Eimantas V (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- <Possible follow-ups>
- Re: Insecure handling of Apache restrictions? Mike Arnold (Oct 15)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Re[2]: Insecure handling of Apache restrictions? Mike Arnold (Oct 16)
- Re[2]: Insecure handling of Apache restrictions? Benoît (Oct 16)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 16)
- Re: Insecure handling of Apache restrictions? Stewart (Oct 17)
- Re: Insecure handling of Apache restrictions? White Vampire (Oct 17)