Re: Dumb Apache server moves?

From: Adam (a24061@void.yahoo.void.com)
Date: 02/07/03


From: Adam <a24061@void.yahoo.void.com>
Date: Fri, 07 Feb 2003 08:51:25 GMT

On Thursday 06 February 2003 19:29, Jem Berkes wrote:

>> Just food for thought: What do you think are the most common security
>> mistakes regarding configuration of Apache? Not so much security
>> flaws, but default configutations / dumb default settings that should
>> be changed?
>>
>> I am sort of new to this but have become the impromptu expert in my
>> department. Any thoughts from the Apache world?
>
> Things that briefly flash into my mind. Don't know if they're default.
>
> - Letting untrusted users execute CGI scripts
> - Letting untrusted users use .htaccess

What sort of problems does .htaccess cause?