On 7/06/2005 2:21 p.m., m0gely wrote:
While I applaud this response and it finally being done, I would suggest
making the cvar protected as well. Many people probably use a web host
that they have only FTP access to, or sometimes cpanel. They will not
have access to make modifications to apache itself. I think both ideas
are useful and worth it. Please make this a protected cvar.
There is probably no harm in restricting the cvar, but I don't think
there is any point either. It would make it harder admittedly, but
somebody determined could still figure out the URL.
Anybody can use the Apache config I gave before, as long as their host
has .htaccess files and "AllowOverride Limit" enabled. If their host
doesn't, then frankly their host sucks and they should change.
If using the config from an .htaccess file, remove the <Directory> part,
i.e. just say:
SetEnfIf Referer ^hl2://1\.2\.3\.4 MY_SERVER=1
Order Allow,Deny
Allow from env=MY_SERVER
Deny from all
-Simon
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
