Re: [users@httpd] Limiting users possibilities in .htaccess files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/14/06, Markus Mayer <mymaillists@xxxxxx> wrote:
Hi all,

I have some users on my server who insist on writing .htaccess files and
defining proxies in them.  This is something I don't like or want, they also
run against our firewall which causes some security related messages to be
generated.  I have tried different restrictions with AllowOverride however
all I did was kill off other important functionality.  Is there some way I
can restrict users so that when they define a proxy in a .htaccess file the
server returns some kind of error to the user?  In otherwords, when a user
does something like
RewriteRule ^something/(.*)$ http://someserver.com/something/$1 [L,P]
I want an error message to be returned, something like the standard "Internal
Server Error" message is perfectly ok.

You need to remove FileInfo from your AllowOverrides or remove
mod_proxy or mod_rewrite from your loaded modules.  There is no other
way in apache.  (The social solution is to do automated monitoring of
.htaccess files with a script and kill accounts that misuse them.)

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux