[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] apache browsing files

To: diego.veiga@embraer.com.br
Subject: Re: [Full-Disclosure] apache browsing files
From: Valdis.Kletnieks@vt.edu
Date: Mon, 05 Jan 2004 15:34:28 -0500

On Mon, 05 Jan 2004 17:00:37 -0200, diego.veiga@embraer.com.br  said:

> Is there a way for apache only browse files *.html or *.php not all files
> type in the browser adress?

There probably is a directive for it.  It won't help.

It would require that the same sites that aren't able to change the
config to a secure mode (by putting the logs elsewhere) would have to
change the config to add a directive that worked around their original
misconfiguration.  If they're going to change the config *anyhow*,
they should just fix the base problem rather than hack around it.

Attachment: pgp00006.pgp
Description: PGP signature

Follow-Ups:
- Re[2]: [Full-Disclosure] apache browsing files
  - From: "Chris" <chris@coolarrow.com>

References:
- [Full-Disclosure] apache browsing files
  - From: diego.veiga@embraer.com.br

Prev by Date: Re: [Full-Disclosure] Patched Solaris Boxes being Hacked??
Next by Date: Re[2]: [Full-Disclosure] apache browsing files
Previous by thread: [Full-Disclosure] apache browsing files
Next by thread: Re[2]: [Full-Disclosure] apache browsing files
Index(es):
- Date
- Thread