[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: SSI Vuln on cobalt
- Subject: Re: [cobalt-security] Re: SSI Vuln on cobalt
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Mon, 22 Apr 2002 19:46:58 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Jeff,
> How about the Cobalt buttons to turn on SSI and CGI? Will they still
> work? I haven't tried, but I don't think so; I think that your
> suggested "AllowOverride None" will keep them from working as well.
No, the buttons will still work, so you can toggle the SSI and CGI option for
a website. However, the "AllowOverride None" will make sure that the user
uploaded .htaccess files will no longer work. And the ones from Frontpage
won't work either.
When you really need and want .htaccess to protect selected content, then you
can add another directive into access.conf to allow .htaccess in that
specific directory and its subdirectories.
--
Mit freundlichen Grüßen / With best regards
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer