[users@httpd] security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: [users@httpd] security
From: <baynaa@xxxxxxxxxx>
Date: Wed, 5 Oct 2005 16:33:28 +0800
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: users@xxxxxxxxxxxxxxxx
Thread-index: AcXJh3W5hX+MdAEIS4G3gGQCUTppCQ==

Hi,

In our web, users should login to access certain contents. But today we’ve just realized that, one can acces those contents without loging in. In other words, just typing http://xxx.xx/graph_view.php?action=""> brings the graphs. We are using free software, may be that’s why it is not so secure. Has anyone suggest me how to prevent these kind of things. How can I configure apache, so that it won’t bring the page if it has REMOTE_USER env variable not set? Or if it has nothing to do with Apache?

BR, Baynaa.

Prev by Date: Re: [users@httpd] Noob needs help with SSL certs on apache 1.3
Next by Date: Re: [users@httpd] security
Previous by thread: Re: [users@httpd] Security
Next by thread: Re: [users@httpd] security
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux