next message in archive
no next message in thread
previous message in archive
Index of Subjects
A problem associated with the .htaccess files included in the CSuite
distribution has come to our attention.
I've added this information to the ftp site as a README-SECURITY-<date>
file. dlp..
REFERENCE http://www.apache.org/docs/mod/core.html#limit
===========================================================
AFFECTED CSUITE DIRECTORIES
===========================================================
$CS_ROOT/ETC/cgi-cnbin
$CS_ROOT/ETC/cgi-ipbin
$CS_ROOT/ETC/cgi-membin
$CS_ROOT/ETC/cgi-officebin
(plus matching $CS_ROOT/src/etc/cgi-* directories)
===========================================================
<Limit> directive
Syntax: <Limit method method ... > ... </Limit>
Context: any
Status: core
<Limit> and </Limit> are used to enclose a group of access control directives which will
then apply only to the specified access methods, where method is any valid HTTP method. Any
directive except another <Limit> or <Directory> may be used; the majority will be
unaffected by the <Limit>. Example:
<Limit GET POST>
require valid-user
</Limit>
If an access control directive appears outside a <Limit> directive, then it applies to all
access methods. The method names listed can be one or more of: GET, POST, PUT, DELETE,
CONNECT or OPTIONS. The method name is case-sensitive. If GET is used it will also restrict
HEAD requests.
If you wish to limit all methods, do not include any <Limit> directive at all.
ie...
<< <Limit GET POST>
<< require valid-user
<< </Limit>
>> require valid-user
david potter
next message in archive
no next message in thread
previous message in archive
Index of Subjects