[users@httpd] How to prevent upload of specific filetype in Apache
Looking for ways to prevent upload of specific filetypes into a specific directory. PHP for example. It looks like there may be a method in mod_security Any alternative ways? Thanks
Re: [users@httpd] How to prevent upload of specific filetype in Apache
hi you can have a look at mod_lua but I'm unsure on how to implement for your need regards 2016-03-03 21:02 GMT+01:00 Rose, John B : > Looking for ways to prevent upload of specific filetypes into a specific > directory. PHP for example. > > It looks like there may be a method in mod_security > > Any alternative ways? > > Thanks > >
[users@httpd]
Hello All, Apache options like "SSLProtocol", "SSLCipherSuite", and "HonorCipherOrder" among others can be put in both /etc/apache2/apache2.conf (Debian based) or etc/apache2/mods-available/ssl.conf (or even the virtual host configuration file). Which location should these server wide SSL settings be optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and more importantly if the settings conflict in these two files/ locations which setting/file takes precedence? Thanks.
Re: [users@httpd]
Debian includes the files in /etc/apache2/mods-enabled, not mods-available. If mods-enabled/ssl.conf is a symlink to mods-available/ssl.conf, it will be included in apache2.conf. You haven't specified which version of Debian or Apache you use, but in Apache 2.4, the line in apache2.conf looks like this: IncludeOptional mods-enabled/*.conf As far as which config takes precedence, it isn't so simple. Have a look at the manual here: http://httpd.apache.org/docs/2.4/sections.html#merging - Y On Thu, Mar 3, 2016 at 5:31 PM, schnappiwol...@yahoo.com.INVALID < schnappiwol...@yahoo.com.invalid> wrote: > Hello All, > > Apache options like "SSLProtocol", "SSLCipherSuite", and > "HonorCipherOrder" among others can be put in both > /etc/apache2/apache2.conf (Debian based) or > etc/apache2/mods-available/ssl.conf (or even the virtual host configuration > file). > > Which location should these server wide SSL settings be > optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and > more importantly if the settings conflict in these two files/ locations > which setting/file takes precedence? > > Thanks. >