httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matus \"fantomas\" Uhlar" <uh...@fantomas.sk>
Subject Re: Filtering HEAD requests
Date Fri, 19 Jul 2002 11:07:06 GMT
-> 	I run a web server that requires authentication. Occasionally, we get a 
-> run of people trying to crack a password using HEAD requests.
-> Then question I have is how I can completely reject HEAD requests, since it 
-> seems to be written as a part of GET. Is there a way to do this?

theoretically yes. but i would not recommend it. HEAD is used by proxies to
check if documents in cache aren't outdated and this would break this
behaviour
-- 
 Matus "fantomas" Uhlar, uhlar@fantomas.sk ; http://www.fantomas.sk/
 Warning: I don't wish to receive spam to this address.
 Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
 Despite the cost of living, have you noticed how popular it remains? 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message