httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [PATCH] Deny when reverse lookup fails
Date Fri, 04 Oct 2002 14:13:27 GMT
Justin Erenkrantz wrote:
> This patch fixes the problem I mentioned in my reply to Jeff - namely 
> that any deny host directive should deny access when a double reverse 
> lookup fails.

If I understand you correctly, that would be a major change to current 
behavior.  I believe that people expect a configuration like

deny from .badguy.com

to allow access from unknown IP addresses (IP addresses that have no 
reverse lookup).  Obviously, this is not at all secure, but that is how 
it has always been, and it is the way I would expect it to work.

Joshua.


Mime
View raw message