Hi, I was just looking at my logs and noticed a decent amount of 404s as a result of requests trying to use php exploits. I don't use PHP on my host at all, so I figure it's time to uniformly deny php requests with Apache to save my Rails apps having to look up the route.
My searching has mostly brought back how tos on redirecting TO php rather than block it. I did find a mention of mod_security which looks promising. I'm wondering if it is compatible with Passenger. Any success or horror stories for it? Configuration file you would be willing to share? What else do people recommend? Cheers, Walter -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
