Eric, I think you are right cuz the rewrite rule which I'm using and also the ErrorDocument which I'm using are using the path of the files and not the exact URL.
But while I'm able to fix the custom 403 and 404 pages, I'm not too sure why the scanner is still detecting this vulnerability. Sukhjeet -----Original Message----- From: Eric Covener [mailto:cove...@gmail.com] Sent: Wednesday, June 10, 2009 5:33 PM To: users@httpd.apache.org Subject: Re: [us...@httpd] Rewrite Rule for hiding Destination URL ?? On Wed, Jun 10, 2009 at 5:52 AM, BipinDas-Gmail <bipink...@gmail.com> wrote: > I need to rewrite the url http://123.dev.com to http://123.dev.com/profile > > I have put the below code to my .htaccesss that successfully worked.... > > # ------------------------------------------------------- > > rewritecond %{http_host} ^widgets\.cmdn\.com$ > rewritecond %{request_uri} ^/$ > rewriterule ^(.*)$ http://123.dev.com/profile Your 2nd argument shouldn't be a full URL, that's why you're getting a redirect. Try just /profile, profile, or %{DOCUMENT_ROOT}/profile. -- Eric Covener cove...@gmail.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
