[WEB SECURITY] apache issue

Anita Salerno anita.salerno at talk21.com
Wed Jun 8 06:00:12 EDT 2005

All this has been already done before posting the message and I restart the httpd deamon every time I change something.

My .htaccess file contain htis section
<Limit GET>
        require valid-user

My httpd.conf contains AllowOverride None in the Directory section

The problem is it was working on the other versions; I've written exactly the same configuration as every time I do this.
I've configured the virtual host as follow
Order Deny,Allow
Deny from all
just to make sure that the security is working, but it's not the case and I still have access to web site.

Yahoo! Messenger NEW - crystal clear PC to PCcalling worldwide with voicemail
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20050608/46b52440/attachment.html>

More information about the websecurity mailing list