httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David H <godave...@yahoo.com>
Subject Re: [users@httpd] Dav security problem
Date Mon, 15 Mar 2004 06:14:06 GMT
Joshua,

It works great thanks for the pointer.

Dave

--- Joshua Slive <joshua@slive.ca> wrote:
> 
> On Sat, 13 Mar 2004, David H wrote:
> 
> > Hi Saqib,
> >
> > Thanks for the advise. Virtual Host may not solve
> my
> > problem, people still able to get in. My question
> is
> > why am I not being ask for login or deny access
> under
> > normal https and Dav did ask for login?
> 
> > > >         <LimitExcept GET POST OPTIONS>
> > > >                 require user david
> > > >         </LimitExcept>
> 
> Because you have explicitly excluded "GET" from
> requiring authentication.
> Since GET is the method used for ordinary web
> browsers, they don't need to
> authenticate.
> 
> Remove the <LimitExcept ...> and </LimitExcept>
> lines if you want to
> restrict all access.
> 
> Joshua.
> 
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
>    "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
> 


__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message