[users@httpd] Defaced Website : Few forensic tips and help

2022-07-04 Thread KK CHN
List, https://pastebin.com/YspPiWif One of our PHP websites was hacked on 3rd July 2022. I am attaching the httpd access file contents in the above pastebin. I have hidden the original URL of the website due to an SLA policy. Can anybody point out from the logs what exactly made the attacker able to

Re: [users@httpd] Re: ETAG and Vary with reverse proxy and xsendfile

2022-07-04 Thread Eric Covener
> (I'm still unsure if sending valid ETags is sufficient to make
> If-None-Match work, i.e. whether the checking for that is up or
> downstream of where mod_xsendfile sits - any comments anyone?)
Yes, this is the part that's relevant:

Re: [users@httpd] How to sign up using Apache

2022-07-04 Thread Ahmad Ismail
Wow! Great solution. So we have to use htdbm. Is this the standard way of doing it or are there other alternatives?
On Sun, Jul 3, 2022 at 9:08 PM Simon Harrison wrote:
> On Sun, 3 Jul 2022 20:26:45 +0600
> Ahmad Ismail wrote:
>
> > Who writes to dbm password files? I mean how are new users

[users@httpd] Re: ETAG and Vary with reverse proxy and xsendfile

2022-07-04 Thread Phil Endecott
Yesterday I asked: 2. mod_xsendfile (see https://github.com/nmaier/mod_xsendfile) sends the specified file to the client. Currently, all responses seem to have ETAG: "0". I'd like the ETAG to be based in the normal way on the attributes of the file that mod_xsendfile actually sends. I