http://qs321.pair.com?node_id=354346


in reply to How can I stop webdav exploits from hitting my server?

If you're not using DAV, you should try something like this in your apache config. I have not tested this.

<Limit SEARCH>
Order Deny,Allow
Deny from all
</Limit>

[download]

Replies are listed 'Best First'.
Re: Re: How can I stop webdav exploits from hitting my server?
by Nitrox (Chaplain) on May 18, 2004 at 20:01 UTC
    From the Apache docs for the <Limit> Directive:

    The method names listed can be one or more of: GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK. The method name is case-sensitive. If GET is used it will also restrict HEAD requests. The TRACE method cannot be limited.

    -Nitrox

[reply]

In Section Seekers of Perl Wisdom