
Security

WebDAV Readonly mode

Make sure to disable the following methods in the web server.

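# Disable TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD
     <Directory /var/www/html>
        AuthType None
        Satisfy Any
        Allow from all
        # mod_rewrite ignores the rules below unless the engine is enabled
        RewriteEngine On
        RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD)
        # [F] answers matching requests with 403 Forbidden
        RewriteRule .*$ - [F,L]
     </Directory>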

cgi-bin precaution

Make sure none of the configuration files are served as plain text.

  <FilesMatch ".+(\.pm|\.conf|\.htaccess|\.gitignore|config)$">
    Require all denied
  </FilesMatch>

Anything starting with . (dot)

Deny access to all files and folders whose names start with a dot.

  <DirectoryMatch "^\.|\/\.">
    Require all denied
  </DirectoryMatch>
 
  <LocationMatch "\/\.">
    Require all denied
  </LocationMatch>
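A quick way to check what these rules cover, as an added example that is not part of the original page: the Python script below copies the method, FilesMatch and LocationMatch patterns from the configuration above and runs them over constructed sample requests. It assumes a simplified model in which each rule is checked independently and any match means the request is refused; the function names and sample paths are hypothetical.

```python
import re
from posixpath import basename

# Patterns copied verbatim from the Apache configuration on this page.
BLOCKED_METHODS = re.compile(r"^(TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD)")
FILES_MATCH = re.compile(r".+(\.pm|\.conf|\.htaccess|\.gitignore|config)$")
LOCATION_MATCH = re.compile(r"\/\.")


def evaluate(method, url_path):
    """Return the rule that rejects the request, or None if it is served.

    Simplified model (assumption): each rule is checked on its own and any
    match means 403. Apache regexes are unanchored, hence re.search().
    """
    if BLOCKED_METHODS.search(method):
        return "RewriteRule"
    if LOCATION_MATCH.search(url_path):
        return "LocationMatch"
    # <FilesMatch> is tested against the last path component only.
    if FILES_MATCH.search(basename(url_path)):
        return "FilesMatch"
    return None


# Constructed sample requests, not taken from any real log.
SAMPLES = [
    ("GET", "/index.html"),
    ("PUT", "/upload.txt"),
    ("GET", "/.git/config"),
    ("GET", "/.htaccess"),
    ("GET", "/cgi-bin/lib/Util.pm"),
    ("GET", "/app/settings.conf"),
    ("GET", "/app/config"),   # ".+" needs a character before "config"
]


def audit(samples=SAMPLES):
    """Map every sample request to the rule that blocks it (or None)."""
    return {(m, p): evaluate(m, p) for m, p in samples}


if __name__ == "__main__":
    for (method, path), rule in audit().items():
        print(f"{method:4} {path:24} -> {rule or 'served'}")
```

In this model `/.htaccess` is refused by the dot rule rather than by FilesMatch, because the leading `.+` requires at least one character before the extension. For the same reason a file named exactly `config` outside a dot directory matches none of the patterns.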
security.txt · Last modified: 2020/08/10 02:35 (external edit)