httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Samuel Vogel <samy-de...@gmx.de>
Subject Re: [users@httpd] RewriteRule exposing system directories
Date Thu, 13 Dec 2007 19:35:50 GMT
Ok, thanks for the hint!

I did that, but unfortunately it breaks something else, which worked 
before. When a page in a subdirectory tried to get an image from an 
directory relative to the docroot, that does not work anymore.
This can be seen here: http://tinyurl.com/37owgr

How can I fix this? Maybe there is some trick I don't know about?

Regards,
Samy

Vincent Bray schrieb:
> On 13/12/2007, Samuel Vogel <samy-delux@gmx.de> wrote:
>   
>> I just noticed a really bad security problem on my servers!
>> The following RewriteRule exposes my system directories like /etc and
>> /var etc. :
>>     
>
> Hi,
>
> This is a common misconception, sadly. Documented here:
>
> http://wiki.apache.org/httpd/RewriteSecurity
>
>   

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message