On 08/24/2011 11:04 AM, Davide Guerri wrote: > Hi Sex (lol, weird thing to say), > I agree with you. > Moreover, this kind of filtering likely can't be used as-is for every apache > installation. > > However, it will hopefully prevent kiddies to pwn our web servers. :) > > Cheers, > Davide. >
Using mod_headers with RequestHeader unset Range should work, too. At least it works for me (Debian Lenny, Apache 2.2.9). If you have no download site it should be okay. Regards, Jan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/