logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Securing from RFI's when fopen is on.
Author
CrimsonSoul



Joined: 21 May 2006
Posts: 5

PostPosted: Fri 01 May '09 20:36    Post subject: Securing from RFI's when fopen is on. Reply with quote

I know it's possible to do in .htaccess but when you ahve the fopen permission on in php.ini is there a way to secure from RFI's from the Apache config or is the only way to do it in the .htaccess? Thanks guys
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Fri 01 May '09 23:01    Post subject: Reply with quote

IMHO (many times it's wrong) I cannot think of anything that can only be in a htaccess. Plenty of things that can only be in the server config, but not htaccess alone. But then I haven't a real clue what your talking about Embarassed

That said, I'll show you how to find out. Let's look at the Docs for answers, yes they are there. Let's look at the BrowserMatch directive for example;
http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html#browsermatch

Now, look in the box below the directive heading and you'll see the line for "Context" Obviously, BrowserMatch can be used in the main server config. inside a <VirtualHost> container, a <Directory> container or in an htaccess file.

Have fun

-edit-

A couple seconds on Google and I do know what you are talking about.
Syntax: RewriteEngine on|off
Default: RewriteEngine off
Context: server config, virtual host, directory, .htaccess

So yes
Back to top


Reply to topic   Topic: Securing from RFI's when fopen is on. View previous topic :: View next topic
Post new topic   Forum Index -> Apache