Re: [users@httpd] mod_rewrite directive in main config does not trickle down into the https instance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

excellent feedback. Thank you!

I was unaware of the TraceEnable method. I must have
read over it :(

I agree, it's not really dangerous anymore, but it's
something that should be considered when applying a
defense-in-depth strategy.

Thanks again for the prompt reply!

--- Joshua Slive <joshua@xxxxxxxx> wrote:

> On 2/10/06, Richard de Vries
> <richard_devries@xxxxxxxxx> wrote:
> > Hey all,
> >
> > I configured a couple of mod_rewrite directives in
> the
> > main configuration file to disable the TRACE/TRACK
> > methods. However, these rules do not seem to make
> it
> > into the HTTPS instance; even though I put them in
> the
> > main config, and not in the virtual hosts.
> >
> > # Disable/Block TRACE/TRACK requests.
> > RewriteEngine on
> > RewriteOptions inherit
> > RewriteLog logs/mod_rewrite.log
> > RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
> > RewriteRule .* - [F]
> >
> > I was hoping to not have to explicitly put these
> rules
> > in the SSL's config, to keep things clean and
> simple.
> 
> 1. You are wasting your time because the TRACK
> method doesn't even
> exist in Apache and the TRACE method is not
> dangerous.
> 
> 2. If you really want to waste your time, then use a
> recent version of
> apache that has the TraceEnable directive to solve
> this "problem".
> 
> 3. If you must use mod_rewrite, then put
> RewriteEngine On
> RewriteOptions inherit
> inside the <VirtualHost> block for your ssl vhost.
> 
> Joshua.
> 
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest:
> users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail:
> users-help@xxxxxxxxxxxxxxxx
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux