[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: SSI Vuln on cobalt
- Subject: Re: [cobalt-security] Re: SSI Vuln on cobalt
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Mon, 22 Apr 2002 03:33:41 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Chris,
> And, as I've pointed out before, all of those cute little checkboxes are
> useless. If I want to use SSI, all I have to do is put:
>
> AddType text/html .shtml
> AddHandler server-parsed .shtml
>
> in an .htaccess file.
IF your Apache access.conf has ...
<Directory /home/sites/>
AllowOverride All
Options All
</Directory>
... set, then who do you blame? :o) Set it to "AllowOverride None" and all
these fancy .htaccess files in /home/sites/wherever will no longer work.
--
Mit freundlichen Grüßen / With best regards
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer