[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] RE: SSI Vuln on cobalt
- Subject: [cobalt-security] RE: SSI Vuln on cobalt
- From: Barbara <thebizworkers@xxxxxxxxx>
- Date: Sun, 21 Apr 2002 19:43:43 -0700 (PDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
><Directory /home/sites/>
>AllowOverride All
>Options All
></Directory>
>
>... set, then who do you blame? :o) Set it to
"AllowOverride None" and all
>these fancy .htaccess files in /home/sites/wherever
>will no longer work.
Well.... Not exactly, at least not on my remaining
RaQ3. I have the following in my access.conf file and
I still can (and do) use .htaccess files to password
protect a few user directories..
<Directory />
Options None
AllowOverride None
AuthFailDelay 2000000
</Directory>
What I *do* use to stop those files from being
uploaded in the first place, is this little line in my
proftpd.conf file..
PathDenyFilter
"(\\.ftpaccess)|(\\.htaccess)|(\\.forward)$"
Babs
__________________________________________________
Do You Yahoo!?
Yahoo! Games - play chess, backgammon, pool and more
http://games.yahoo.com/