You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by Brian Behlendorf <br...@hyperreal.com> on 1996/10/08 23:12:08 UTC
cvs commit: apache/conf access.conf-dist
brian 96/10/08 14:12:07
Modified: conf access.conf-dist
Log:
Added commented-out a suggestion to redirect bug attacks back to a logging
script at www.apache.org.
Revision Changes Path
1.7 +12 -1 apache/conf/access.conf-dist
Index: access.conf-dist
===================================================================
RCS file: /export/home/cvs/apache/conf/access.conf-dist,v
retrieving revision 1.6
retrieving revision 1.7
diff -C3 -r1.6 -r1.7
*** access.conf-dist 1996/08/20 13:18:55 1.6
--- access.conf-dist 1996/10/08 21:12:05 1.7
***************
*** 1,5 ****
# access.conf: Global access configuration
! # $Id: access.conf-dist,v 1.6 1996/08/20 13:18:55 paul Exp $
# Online docs at http://www.apache.org/
# This file defines server settings which affect which types of services
--- 1,5 ----
# access.conf: Global access configuration
! # $Id: access.conf-dist,v 1.7 1996/10/08 21:12:05 brian Exp $
# Online docs at http://www.apache.org/
# This file defines server settings which affect which types of services
***************
*** 53,58 ****
--- 53,69 ----
#order deny,allow
#deny from all
#allow from .your_domain.com
+ #</Location>
+
+ # There have been reports of people trying to abuse an old bug from pre-1.1
+ # days. This bug involved a CGI script distributed as a part of Apache.
+ # By uncommenting these lines you can redirect these attacks to a logging
+ # script on www.apache.org. Or, you can record them yourself, using the script
+ # contrib/phf_abuse_log.cgi.
+
+ #<Location /cgi-bin/phf*>
+ #deny from all
+ #ErrorDocument 403 http://www.apache.org/phf_abuse_log.cgi
#</Location>
# You may place any other directories or locations you wish to have