View Single Post
  #3  
Old 5th May 2007, 13:54
gabrix gabrix is offline
Senior Member
 
Join Date: Sep 2006
Location: Napoli
Posts: 186
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to gabrix Send a message via Yahoo to gabrix Send a message via Skype™ to gabrix
Default

Quote:
root@www:~# apt-cache search apache2 | grep mod-security2
libapache2-mod-security2 - Tighten web applications security for Apache 2.x
mod-security2-common - Tighten web applications security - common files
Pardon modsecurity exists still .i have a big problem: wherever i am if i run http://mysite.it/etc/passwd all passwords shows off .... permissions are:
Quote:
-rw------- 1 root root 1726 2007-05-04 12:39 /etc/passwd
i put a.c.l. directories in apache2.conf :
Quote:
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /web>
Order Allow,Deny
Allow from all
</Directory>
I have a2enmod mod-security2 and got all rules from gotroot site and it still shows off , it's a big problem never had before in stable sarge what shall i do ???
__________________
http://www.gabrix.ath.cx
Reply With Quote