Happy Monday all,
I'm getting closer with my hardened reverse proxy /mod_security. I'm at the point now where almost everything works, until I get to the GETs. The posts all work fine, the GETs don't, both to the same cgi executable. When you don't go through the proxy the GETs work fine. Is this something that is intuitive to someone out there? Jeff From: Carlos Eduardo Maiolino [mailto:[EMAIL PROTECTED] Sent: Monday, July 16, 2007 5:25 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Apache CGI security Hello Friends. I need tips to add more security in my Apache Server. Mainly with cgi-scripts, I use the suEXEC, but, with a cgi-script (perl), I obtain a list of the /etc/passwd. Example: #!/usr/bin/perl system("cat /etc/passwd"); how to solve these problems? Thank's