[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Restricting access to certain file types HELP!
- Subject: Re: [cobalt-security] Restricting access to certain file types HELP!
- From: Ted Behling <TBehling@xxxxxxxxxxxxx>
- Date: Wed, 31 Oct 2001 22:49:08 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 10:23 PM 10/26/01, Ervin Tarkhanian wrote:
I need to restrict access to all Real media files & Windows Media on a site.
>
>
RedirectMatch .*.ram http://www.domain.com/novideo.html
RedirectMatch .*.rm http://www.domain.com/novideo.html
RedirectMatch .*.asx http://www.domain.com/novideo.html
RedirectMatch .*.asf http://www.domain.com/novideo.html
Don't forget .wmv, .wma, .wax, .wvx, and .wm for Windows Media. For Real,
you might want to include .smi, .smil, .ra, .rmm, .rt, .rmj, .rms, and .rp
. Those are all the Windows Media- and RealPlayer-specific extensions
listed in the programs' Open dialogs. Of course, restricting access by
file extension doesn't provide any real security, as user agents pay
attention only to MIME types. A Webmaster can assign any MIME type to any
file extension in their .htaccess file or with a two-line CGI/PHP script
that writes the header then echoes the file. Therefore, you might be
better off to restrict by MIME type rather than file extension, although I
don't think this will get around the CGI/PHP possibility (haven't
tried). Do you care about QuickTime?
--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.
43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894 Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------