If your web site is subject to the PCIA regulations (ie an e-commerce site
that takes credit cards) then this has been a requirement for the last
several years.
The easiest way is just a customer error document that gives the standard
message without the failed URL reference. Since the usual m
My apologies for posting this question if it has already been hashed out
before. I figured I should post this question here then just an arbitrary
bug report.
My question relates to a recent penetration test that reported a content
spoofing finding against that the root cause was simply the Apach
