My point for the post was that this should be told in the security tips
pages as it might not be obvious to everyone who starts to configure
Apache the way they like it. And in most cases, there are different people
for writing the content files and for configuring Apache. So you cannot
just eliminate stupidity without heavy larting and bofhing.

This didn't come to me as "yeah it would be fun to block these" but I
actually witnessed someone probing my homesite. That prober had created
a list of all files in my docroot with *.php extension and was crawling through
them and then sending requests with the same filename and ~ at the end.


I've had some probes/attempted attacks recently also and I agree with Jani that a security tip in the documentation would be a good thing. I already had a rule in place in my httpd.conf file to prevent people from browsing files with ~ in the name but to newer admins it may not be an obvious thing to set up.

As Jani pointed out, there are a number of ways for potentially exploitable files to make their way onto the site. We have a lot of people that use Dreamweaver, which creates .tmp files if you try and preview a page (scripted or not). These files sometimes linger around and the potential for them being synchronized to the live site does exist.

I'd be willing to take a stab at writing a security tip for this particular instance if the consensus is that it would be useful.

--
Lonnie Smetana
Web Developer
University of Manitoba

v: 204.474.7228
e: [EMAIL PROTECTED]
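
An added example, not part of the original messages: a small access-log check for the kind of probing described in this thread (requests for existing filenames with `~` appended), run over constructed sample log lines. The suffix list (`~` and `.tmp`), the `min_hits` threshold and the function name are assumptions made for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample lines in Apache common log format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /index.php~ HTTP/1.1" 403 199
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /login.php%7E HTTP/1.1" 404 196
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /admin/config.php~?x=1 HTTP/1.1" 200 2048
192.0.2.10 - - [01/Jan/2024:10:00:04 +0000] "GET /~alice/ HTTP/1.1" 200 300
203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /preview.tmp HTTP/1.1" 404 196
"""

# client, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Assumed suffixes: editor backups (~) and the .tmp leftovers mentioned in the thread.
LEFTOVER_RE = re.compile(r'(~|\.tmp)$', re.IGNORECASE)


def find_leftover_probes(log_text, min_hits=2):
    """Map each client with >= min_hits leftover-file requests to the paths
    it asked for and the subset that was actually served (2xx)."""
    hits = defaultdict(lambda: {"paths": [], "served": []})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, _method, target, status = m.groups()
        # Drop the query string and decode %7E so encoded probes are caught too.
        path = unquote(target.split("?", 1)[0])
        if not LEFTOVER_RE.search(path):
            continue  # /~alice/ (user directory) does not END in ~, so it is ignored
        hits[client]["paths"].append(path)
        if status.startswith("2"):
            # The leftover file was delivered: remove it and review what it exposed.
            hits[client]["served"].append(path)
    return {c: v for c, v in hits.items() if len(v["paths"]) >= min_hits}


if __name__ == "__main__":
    for client, info in find_leftover_probes(SAMPLE_LOG).items():
        print(client, "probed", info["paths"], "served:", info["served"])
```

Any path listed under `served` means the rule blocking such files was missing or did not match for that location.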

