you should perhaps set Apache::ASP to also execute .asa files like .asp files
----- Original Message ----- From: "Thanos Chatziathanassiou" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 03, 2002 2:19 PM Subject: global.asa horrors ? > I had a nifty idea the other day: "what if I request the global.asa > directly through http ?". Well, it kind of turned out exactly as I had > hoped it wouldn't: apache returned the global.asa in plaintext. > Now, that's all ok, but my global.asa contained the database password > DBI used to access my db. > > Since this isn't obvious for the casual user, I propose that the > following be included in httpd.conf: > > <Files global.asa> > Order deny,allow > Deny from all > </Files> > > just to be on the safe side... > > Thanos Chatziathanassiou > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
