. The application server does not invoke
this function for directory calls, so I need to redirect to /index.cfm
On Wed, Aug 11, 2010 at 5:21 PM, David Ricar r...@ethernet.cz
mailto:r...@ethernet.cz wrote:
I'd use default index and extend it for .cfm as this:
DirectoryIndex index.html index.cgi
Phil Howard wrote:
By suexec wrapper, I mean a program you write which will be placed
where Apache expects to find suexec. The real suexec will be moved to
somewhere else (maybe real-suexec in the same directory). Your
program will know where it is (and probably hard code that). Your
program
Phil Howard wrote:
I don't understand what it is you are doing, so I cannot comment on
whether it is common or not, or even secure. A test to detect if
others can write a file that would be executed is a critical test on a
multi-user machine. Similarly, testing if all parent directories can
be
Phil Howard wrote:
On Thu, Aug 12, 2010 at 13:02, David Ricar r...@ethernet.cz wrote:
[...]
Sorry, I'm still not understanding what you are doing. I didn't
understand why you need two users per each site.
J. Greenlees wrote:
I believe the standard method of doing this to completely lock
Hello,
for quite some time I am digging into webserver security and sadly, I
found basicaly two bad choices for multisite ultiuser server. I found
some disscussions about the subject, but it seems that I am still
missing something.
1) Standard way of usage with different ftp users and a
I'd use default index and extend it for .cfm as this:
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml
index.htm index.cfm
Cheers
David
Matthew P. Smith wrote:
I need to rewrite requested urls from this:
domain.com/some-directory/ http://domain.com/some-directory/
to
Jefferson Ogata wrote:
On 2010-08-11 13:23, David Ricar wrote:
Am I missing an obvious solution that is possible without the patch or
is my view too paranoid?
Mount all your content read-only.
Sadly most of the sites requires some places to upload images and so on,
so
Phil Howard wrote:
For maintenance, it might be easier for you to make an suexec wrapper.
Run your wrapper to do custom checks and if it decides to go on, it
runs suexec. That way your maintenance is for your program, only, and
you have to track a lot fewer changes to Apache code (basically
