On 08/24/2011 11:04 AM, Davide Guerri wrote:
> Hi Sex (lol, weird thing to say),
> I agree with you.
> Moreover, this kind of filtering likely can't be used as-is for every apache
> installation.
>
> However, it will hopefully prevent kiddies to pwn our web servers. :)
>
> Cheers,
> Davide.
>
Using mod_headers with
RequestHeader unset Range
should work, too. At least it works for me (Debian Lenny, Apache 2.2.9).
If you have no download site it should be okay.
Regards,
Jan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
