WebApp Sec mailing list archives
RE: htaccess with apache
From: Tim Greer <chatmaster () charter net>
Date: 11 Nov 2003 14:56:22 -0800
On Mon, 2003-11-10 at 10:35, Dinis Cruz wrote:
Very interesting thread, unfortunately I can't add my ideas and suggestions since currently I'm more involved with Asp.Net and IIS security. But it seams to me that given the complexity of web application deployment is it a certainty that configuration errors will occur (event the most experiment and competent sysadmins make occasional mistakes). I think that the best solution is to have tools that test the servers security configuration (from the inside) and help those administrators to fix the problems identified. I created such tool for the IIS environment (Asp.Net Security Analyser), and would be very interested to know if anybody as developed a similar tool for the Linux/Apache environments. Best regards
There's nothing predefined to test for or to determine the impact of it, but it would certainly be fairly easy to take arguments and change the values to see if it outputs or does what you want and maybe (maybe) get an idea of how far it could go or if it's an issue. -- Tim Greer <chatmaster () charter net>
Current thread:
- Re: htaccess with apache, (continued)
- Re: htaccess with apache Vladimir Danilyuk (Nov 04)
- Re: htaccess with apache Tim Greer (Nov 04)
- Re: htaccess with apache Peter Conrad (Nov 04)
- Re: htaccess with apache Lucas Holt (Nov 04)
- Re: htaccess with apache Cameron Green (Nov 04)
- RE: htaccess with apache Anonymous Sender (Nov 04)
- RE: htaccess with apache Maxim Kostioukov (Nov 04)
- RE: htaccess with apache MTeixeira (Nov 05)
- RE: htaccess with apache Tim Greer (Nov 05)
- RE: htaccess with apache Dinis Cruz (Nov 11)
- RE: htaccess with apache Tim Greer (Nov 11)