Hi! In the security tips on Apache 1.3, 2.0 and 2.2 it is stated as follows: "Enabling SSI for files with .html or .htm extensions can be dangerous. This is especially true in a shared, or high traffic, server environment." http://httpd.apache.org/docs/trunk/misc/security_tips.html Enabling SSI increases server load, but why is it a risk? Does this apply only to enabling SSI for all .html files while the server is very busy (because that could cause a denial of service)? I'm interested in whether enabling SSI for .html files is a risk for a single virtual hosting account (without/before high traffic). Thanks in advance, Lars --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|