Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

AllowOverride Risk Factor

Discussion in 'General Discussion' started by gorilla, Mar 21, 2006.

?

AllowOverride risk factor

  1. Risk factor high, allows .htaccess over ride

    3 vote(s)
    42.9%
  2. Risk factor low , doesnt seem to matter to much to most hosters

    2 vote(s)
    28.6%
  3. Risk factor none ; no problem with that at all

    2 vote(s)
    28.6%
  4. Risk ? Who cares :)

    0 vote(s)
    0.0%
  1. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    695
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Sydney / Australia
    Whats the general consent regarding AllowOverride ?
    As one of the scripter from fantastico tryes to tell me that "AllowOverride ALL" in httpd.conf is not a security risk .
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 gorilla, Mar 21, 2006
    Last edited: Mar 21, 2006
  2. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    695
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Sydney / Australia
    or am i just beeing simply paranoid ? :rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    It's a security risk if it allows end-users to do things you don't want them to as part of your security model. Best practice is to allow only what you want to happen, rather than leaving the door open and inviting burgulars in. There's some interesting thoughts about AllowOverride here:
    http://www.onlamp.com/pub/a/apache/2003/12/04/apacheckbk.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice