You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by js...@apache.org on 2003/06/07 07:50:50 UTC
cvs commit: httpd-docs-1.3/htdocs/manual/misc security_tips.html
jsl 2003/06/06 22:50:50
Modified: htdocs/manual/misc security_tips.html
Log:
Typo/spelling/grammar corrections.
Revision Changes Path
1.33 +4 -4 httpd-docs-1.3/htdocs/manual/misc/security_tips.html
Index: security_tips.html
===================================================================
RCS file: /home/cvs/httpd-docs-1.3/htdocs/manual/misc/security_tips.html,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- security_tips.html 29 Apr 2003 08:34:06 -0000 1.32
+++ security_tips.html 7 Jun 2003 05:50:50 -0000 1.33
@@ -51,8 +51,8 @@
directive to serve hits. As is the case with any command that
root executes, you must take care that it is protected from
modification by non-root users. Not only must the files
- themselves be writeable only by root, but so must the
- directories, and parents of all directories. For example, if
+ themselves be writeable only by root, but also the
+ directories and parents of all directories. For example, if
you choose to place ServerRoot in
<code>/usr/local/apache</code> then it is suggested that you
create that directory as root, with commands like these:</p>
@@ -130,12 +130,12 @@
of risk.</p>
<p>Another solution is to disable the ability to run scripts
- and programs from SSI pages. To do this replace
+ and programs from SSI pages. To do this, replace
<code>Includes</code> with <code>IncludesNOEXEC</code> in the
<a href="../mod/core.html#options">Options</a> directive. Note
that users may still use <--#include virtual="..." --> to
execute CGI scripts if these scripts are in directories
- desginated by a <a
+ designated by a <a
href="../mod/mod_alias.html#scriptalias">ScriptAlias</a>
directive.</p>
<hr />
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org