httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] Strange behavior of Apache 1.3.26
Date Wed, 11 Sep 2002 20:30:38 GMT wrote:
> I had a file on the apache server called GenerateIndex.php which I renamed to GenerateIndex.php.old
at some point while I was working on the site. 
> Later, I was at a remote site and I missed my click on the history bar and mistakenly
selected a link to the file GenerateIndex.php file.  Well, the Apache 
> server sent the raw text from the GenerateIndex.php.old file to my remote location (
I was a bit concerned because the php file has some database 
> usernames and passwords hard coded into it.
> Is this a bug that should be reported or is this behavior (asking for GenerateIndex.php
and receiving GenerateIndex.php.old) already know or 
> expected?

See the Options directives with special attention to the MultiViews 
option.  You probably want that turned off unless you are doing 

I would also guess you are using a <FilesMatch> to designate your php 
scripts, rather than the better AddType or AddHandler directives, which 
would have marked the file as a php script regardless of the extra 

And, or course, I'm sure you have now figured out that it is not a good 
idea to keep material that you don't want web-accessible in the webspace.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message