Eric, I think you are right cuz the rewrite rule which I'm using and also the ErrorDocument which I'm using are using the path of the files and not the exact URL.
But while I'm able to fix the custom 403 and 404 pages, I'm not too sure why the scanner is still detecting this vulnerability. Sukhjeet -----Original Message----- From: Eric Covener [mailto:[email protected]] Sent: Wednesday, June 10, 2009 5:33 PM To: [email protected] Subject: Re: [us...@httpd] Rewrite Rule for hiding Destination URL ?? On Wed, Jun 10, 2009 at 5:52 AM, BipinDas-Gmail <[email protected]> wrote: > I need to rewrite the url http://123.dev.com to http://123.dev.com/profile > > I have put the below code to my .htaccesss that successfully worked.... > > # ------------------------------------------------------- > > rewritecond %{http_host} ^widgets\.cmdn\.com$ > rewritecond %{request_uri} ^/$ > rewriterule ^(.*)$ http://123.dev.com/profile Your 2nd argument shouldn't be a full URL, that's why you're getting a redirect. Try just /profile, profile, or %{DOCUMENT_ROOT}/profile. -- Eric Covener [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
