Re: "Define" directive is ALWAYS parsed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ah yes, the monkey wrench. So the reason why going that route isn't an option is because this is being done in a shared environment, with .htaccess enabled for users. In an environment like that, anyone can just drop SetHandler server-info into any .htaccess they want and get all of that (sometimes sensitive) info. Due to the nature of all this, it was looking like the only way to truly limit who could gain access to that info would be to only load the module itself under specific circumstances, which is what led me to where I'm at now.

Is there a way I've not yet found that allows me to disable using SetHandler in an .htaccess context (while still allowing other things), or to not allow defining server-info there?

Thanks for your help thus far, also!

On Sun, 2016-09-18 at 15:09 -0400, Eric Covener wrote:
On Sun, Sep 18, 2016 at 1:11 PM, Adam <adam.vest@xxxxxxxxxxxxx.invalid> wrote:


Specifically, I'm trying to limit accessibility to the mod_info page to only
specific users/IP's. I thought I would be able to get away with that by
doing something like:

<If "-R 'ip.add.re.ss''">

        Define me

</If>


Then do something like:

<IfDefine me>

        LoadModule info_module modules/mod_info.so

        <Location "/server-info">

                SetHandler server-info

        </Location>

</IfDefine>




This mixes a lot of per-request things with non-per-request things --
like loading modules (and Define).

Why not just use Require ip ... inside of the Location block w/ SetHandler?
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux