Home page logo
/

basics logo Security Basics mailing list archives

Re: Apache Security Question
From: "S.A.B.R.O. Net Security" <sabronet () indy rr com>
Date: Fri, 24 Mar 2006 17:38:16 -0500

http://www.whoopis.com/howtos/apache-rewrite.html has a few examples that may help.

--
Sincerely,


William E. Hoover
S.A.B.R.O. Net Security Admin
www.sabronet.com
irc.sabronet.com
sabronet () indy rr com
admin () sabronet com



Jennifer Fountain wrote:
Hi All:
I am running a nessus security scans against my linux redhat/apache
webservers and I keep getting the trace/track issue.  However, I do have
this verbage in my virtual hosts section:

 RewriteEngine On
 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
 RewriteRule .* - [F]
 RewriteRule / https://site.com

And I am loading the rewrite module:

LoadModule rewrite_module modules/mod_rewrite.so

I am running the latest nessus.  Any suggestions?  I cannot disable it
unfortunately.

Kind Regards,
Jennifer Fountain
Systems Security Analyst
R&B Distribution
3400 E Walnut Street
Colmar, PA 18915
[SNIP]

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault