From: Hugh E Cruickshank Sent: September 16, 2008 15:32
> From: Sean Conner Sent: September 15, 2008 23:36
> > It was thus said that the Great Hugh E Cruickshank once stated:
> > >
> > > That may be the case but their recommendation is still: Issue a
> > > "404 - Not Found" response status code fo
Nick Kew wrote:
On 16 Sep 2008, at 06:57, Hugh E Cruickshank wrote:
That may be the case but their recommendation is still: Issue a "404 -
Not Found" response status code for a forbidden resource, or remove it
completely.
Either they're wrong or you're misreading.
But I can see what's happe
From: André Warnier Sent: September 16, 2008 15:44
> Hugh E Cruickshank wrote:
> [...]
> > I hear you but the client's security consultant (or whatever) is
> > making the recommendation based on the software's report and the
> > client is exercising due diligence by reporting the issues to us and
>
Hugh E Cruickshank wrote:
[...]
I hear you but the client's security consultant (or whatever) is
making the recommendation based on the software's report and the
client is exercising due diligence by reporting the issues to us and
we are trying to keep the client satisfied. If I can accomplish t
From: Sean Conner Sent: September 15, 2008 23:36
> It was thus said that the Great Hugh E Cruickshank once stated:
> >
> > That may be the case but their recommendation is still: Issue a
> > "404 - Not Found" response status code for a forbidden resource,
> > or remove it completely.
>
> I don't
On 16 Sep 2008, at 06:57, Hugh E Cruickshank wrote:
That may be the case but their recommendation is still: Issue a "404 -
Not Found" response status code for a forbidden resource, or remove it
completely.
Either they're wrong or you're misreading.
But I can see what's happening. It's "chin
It was thus said that the Great Hugh E Cruickshank once stated:
> From: Nick Kew Sent: September 15, 2008 19:43
> >
> > On 16 Sep 2008, at 02:44, Hugh E Cruickshank wrote:
> >
> > > Right now if someone were to attempt to access these subdirectories
> > > (i.e. http://www.example.com/cgi-bin) the
From: Nick Kew Sent: September 15, 2008 19:43
>
> On 16 Sep 2008, at 02:44, Hugh E Cruickshank wrote:
>
> > Right now if someone were to attempt to access these subdirectories
> > (i.e. http://www.example.com/cgi-bin) they would receive a 403
> > Forbidden error message. Unfortunately this is not
On 16 Sep 2008, at 02:44, Hugh E Cruickshank wrote:
Right now if someone were to attempt to access these subdirectories
(i.e. http://www.example.com/cgi-bin) they would receive a 403
Forbidden error message. Unfortunately this is not quite acceptable
to the IBM Rational AppScan utility which re
Apache 2.0.46 on RHEL3.9
Hi All:
I am attempting to determine if there is a method of "hiding" the
subdirectories on our web server. I have spent the better part of
the day doing Google searches without coming up with anything that
would seem to work.
Right now if someone were to attempt to acce
10 matches
Mail list logo
