On Sun, Apr 27, 2008 at 7:43 AM, Robert Montgomery <mogtnomr@xxxxxxxxx> wrote: > Is there a way to tell apache to completely ignore > certain methods, ie, PROPFIND, CCM_POST, CONNECT, > OPTIONS, etc.. (and NOT write those requests to the > log files either!) > > I've tried LIMIT & LIMIT EXCEPT directives, but I'm > not sure if they are working (I still see those > requests being logged). > > Also, are there any methods other than GET/POST that I > should also consider allowing? We do nothing fancy, > just typical websites on LAMP platforms, so I know of > no need for any methods other than GET/POST. No, you can't completely ignore HTTP requests. Apache has to do something with them. Yes, you can reject those requests using something like <LimitExcept GET POST> Order allow,deny Deny from all </LimitExcept> But be careful where you place this block, since it will override any other access controls. Yes, you can prevent these requests from being logged using conditional logging: http://httpd.apache.org/docs/2.2/logs.html#conditional But you shouldn't do that. You'll never know if you are being attacked or if there are some problems with your site involving other methods. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|