Hi all, There is a security bug reported at: http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt
Which encounter the possibility to retrieve configuration files from tomcat WEB-INF directory, Through web servers used to route requests to tomcat. In the IIS the isapi_redirect.dll Protects us by denying all request to a URL includes the WEB-INF pattern. I need to know how can I implement it in Apache. Thanks Asaf -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
