Apache and backup files

To: debian-security@lists.debian.org
Subject: Apache and backup files
From: Emmanuel Lacour <elacour@easter-eggs.com>
Date: Wed, 29 Jan 2003 15:36:01 +0100
Message-id: <[🔎] 20030129143601.GH5001@easter-eggs.com>
Mail-followup-to: Emmanuel Lacour <elacour@easter-eggs.com>, debian-security@lists.debian.org

What about adding in default httpd.conf something like this to protect
from reading common editors backup files (index.php~ ...)

<FilesMatch ".*(~|\.bak)$">
    Order allow,deny
    Deny from all
</FilesMatch>


I think it could avoid fresh debian installs (and fresh admins...)
giving us some unwanted web source-code...


Waiting for comments...


-- 
Easter-eggs                                Spécialiste GNU/Linux
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37    -     Fax: +33 (0) 1 41 35 00 76
mailto:elacour@easter-eggs.com   -    http://www.easter-eggs.com

Reply to:

Follow-Ups:
- Re: Apache and backup files
  - From: Christoph Moench-Tegeder <cmt@rz.uni-karlsruhe.de>

Prev by Date: Re: [SECURITY] [DSA 245-1] New dhcp3 packages fix potential network flood
Next by Date: Re: Apache and backup files
Previous by thread: Re: [SECURITY] [DSA 245-1] New dhcp3 packages fix potential network flood
Next by thread: Re: Apache and backup files
Index(es):
- Date
- Thread