security

This is an old revision of the document!

Table of Contents

Security
- - WebDAV Readonly mode
  - cgi-bin precaution

Security

WebDAV Readonly mode

Make sure to disable following methods in webserver.

# Disabled TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD
     <Directory /var/www/html >
        AuthType None
        Satisfy Any
        Allow from all
        RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|PUT|OPTIONS|DELETE|HEAD)
        RewriteRule .*$ - [F,L]
     </Directory>

cgi-bin precaution

Make sure none of the configuration files get printed as pain text.

<FilesMatch ".+(\.pm|\.conf|\.htaccess|\.gitignore|config)$">
    Require all denied
</FilesMatch>

security.1573485831.txt.gz · Last modified: 2020/08/10 02:29 (external edit)