#apache - Tue 13 Mar 2007 between 23:48 and 23:59

NY Lost Funds



Joe7hi
fajitahi, Joe7.
eriscothumbs, well if I say to rewrite everything in web/ to my PHP file, are there any chances of someone bypassing that rewrite (in practical terms)?
thumbsyes, it's possible
eriscoouch.
actionfajita thinks erisco deserved it
fajitathinks erisco deserved it
JeffATLwell, great - apache will start without erroring out now, but it's not rewriting to port 8080 at all
eriscothumbs, what are possible exploits?
Joe7What's the way to set apache2 to add timestamp to _errog_ log entries?
thumbsJoe7: it already does.
Joe7: perhaps you mean for php. It can't.
Joe7yes, I meant for php.
thumbssorry, you can't
go complain in ##php
Joe7I will, thanks ;>
eriscothumbs, perhaps a better question would be either A) where can I read on exploits, or B) could I reasonably rely on mod_rewrite to work?
thumbsit's reasonayl secure
honestly, I wouldn't worrya bout it
eriscothumbs, I understand *Everything* is doable.. I was just wondering if it was a big WHOA NO! for trying to secure something with mod_rewrite
anyways, thanks for the info.
JeffATLokay, i've managed to set up rewriting/proxy stuff to send port 80 requests to zope on port 8080 in httpd.conf without apache dying on start, but it does not rewrite.
thumbsrewritelog
fajitarewritelog is @http://httpd.apache.org/docs-2.0/mod/mod_rewrite.html#rewriteloghttp://httpd.apache.org/docs/mod/mod_rewrite.html#rewritelog use logging to help design and track rewrite; see also rewriteloglevel
JeffATLi dunno, thumbs - i've been fighting this all day,following this howto and that howto and this wiki and that wiki, all to get exactly noplace. I think i've had it.
thumbsdid you pastebin your rewrite rules?
JeffATLthumbs: oh, heck, yeah - i'll link you to what i've got; hang on

Page: 1 8 15 22 29 36 43 

IrcArchive

NY Lost Funds