| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Mar 2004 20:03:38 +0000 (GMT) From: Mark J Cox <mark@....com> To: bugtraq@...urityfocus.com Subject: Re: Fw: Bilbao Method Exposed > - English Version: http://www.kernelpanik.org/docs/kernelpanik/bme.eng.pdf > - Spanish Version: http://www.kernelpanik.org/docs/kernelpanik/bme.esp.pdf > > This paper explains a brief form to avoid .htaccess authentification in > Apache, configured according to criteria of multiple references. http://httpd.apache.org/docs-2.0/mod/core.html#limit states "A <LimitExcept> section should always be used in preference to a <Limit> section when restricting access, since a <LimitExcept> section provides protection against arbitrary methods." See also http://www.apacheweek.com/issues/99-02-12#status Mark -- Mark J Cox ........................................... www.awe.com/mark Apache Software Foundation ..... OpenSSL Group ..... Apache Week editor
Powered by blists - more mailing lists