----- "NLR REDDY" <nlrreddy@xxxxxxxx> wrote: > Hi, > > Is there a way to block proxy GET access using mod_rewrite rules? I ProxyRequests are off by default. http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyrequests Also very recommendable: https://svn.apache.org/repos/asf/httpd/sandbox/mod_allowmethods/ Allows you to easily specify a set of blocked methods -- most probably even in a <Proxy > block Finally, as Granny Weatherwax tells us the most important thing about magic is when _not_ to use it. The same is true of mod_rewrite. Here's a couple of examples: http://wiki.apache.org/httpd/WhenNotToUseRewrite > have read in security journals that this is one of the security > vulnerabilities. You should've read them in context. If the journal did not put things into a context then it's a lousy one. > Thanks i -- Igor GaliÄ Tel: +43 (0) 664 886 22 883 Mail: i.galic@xxxxxxxxxxxxxx URL: http://brainsware.org/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|