httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Singh, Sukhjeet" <sukhjeet.si...@fiserv.com>
Subject RE: [users@httpd] Rewrite Rule for hiding Destination URL ??
Date Wed, 10 Jun 2009 12:06:58 GMT
Eric,

I think you are right cuz the rewrite rule which I'm using and also the ErrorDocument which
I'm using are using the path of the files and not the exact URL.

But while I'm able to fix the custom 403 and 404 pages, I'm not too sure why the scanner is
still detecting this vulnerability.

Sukhjeet


-----Original Message-----
From: Eric Covener [mailto:covener@gmail.com] 
Sent: Wednesday, June 10, 2009 5:33 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Rewrite Rule for hiding Destination URL ??

On Wed, Jun 10, 2009 at 5:52 AM, BipinDas-Gmail <bipinkdas@gmail.com> wrote:
> I need to rewrite the url http://123.dev.com to http://123.dev.com/profile
>
> I have put the below code to my .htaccesss  that successfully worked....
>
> # -------------------------------------------------------
>
> rewritecond %{http_host} ^widgets\.cmdn\.com$
> rewritecond %{request_uri} ^/$
> rewriterule ^(.*)$ http://123.dev.com/profile


Your 2nd argument shouldn't be a full URL, that's why you're getting a
redirect.  Try just /profile, profile, or %{DOCUMENT_ROOT}/profile.
-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message