Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: How can I stop webdav exploits from hitting my server?

by eclark (Scribe)
on May 18, 2004 at 16:49 UTC ( #354346=note: print w/replies, xml ) Need Help??


in reply to How can I stop webdav exploits from hitting my server?

If you're not using DAV, you should try something like this in your apache config. I have not tested this.

<Limit SEARCH>
Order Deny,Allow
Deny from all
</Limit>

[download]

Replies are listed 'Best First'.
Re: Re: How can I stop webdav exploits from hitting my server?
by Nitrox (Chaplain) on May 18, 2004 at 20:01 UTC
    From the Apache docs for the <Limit> Directive:

    The method names listed can be one or more of: GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK. The method name is case-sensitive. If GET is used it will also restrict HEAD requests. The TRACE method cannot be limited.

    -Nitrox

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://354346]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (3)
As of 2023-06-02 22:44 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How often do you go to conferences?






    Results (4 votes). Check out past polls.
    Notices?