Author: phred
Date: Sun Apr 5 19:12:50 2009
New Revision: 762137
URL: http://svn.apache.org/viewvc?rev=762137&view=rev
Log:
Include access directives to encourage users to disallow public access
to perl-status, per recent issue CVE-2009-0796
Modified:
perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod
perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod
Modified: perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod
URL: http://svn.apache.org/viewvc/perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod?rev=762137&r1=762136&r2=762137&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod (original)
+++ perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod Sun Apr 5 19:12:50 2009
@@ -5,6 +5,12 @@
=head1 Synopsis
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlHandler Apache::Status
</Location>
@@ -17,6 +23,12 @@
Configure like so:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlHandler Apache::Status
</Location>
Modified: perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod
URL: http://svn.apache.org/viewvc/perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod?rev=762137&r1=762136&r2=762137&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod (original)
+++ perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod Sun Apr 5 19:12:50 2009
@@ -8,6 +8,12 @@
=head1 Synopsis
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler modperl
PerlOptions +GlobalRequest
PerlResponseHandler Apache2::Status
@@ -16,6 +22,12 @@
or
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlResponseHandler Apache2::Status
</Location>
@@ -31,6 +43,12 @@
Configure like so:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler modperl
PerlOptions +GlobalRequest
PerlResponseHandler Apache2::Status
@@ -45,6 +63,12 @@
core handler, configure C<Apache2::Status> as:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlResponseHandler Apache2::Status
</Location>
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-cvs-unsubscribe@perl.apache.org
For additional commands, e-mail: docs-cvs-help@perl.apache.org
Date: Sun Apr 5 19:12:50 2009
New Revision: 762137
URL: http://svn.apache.org/viewvc?rev=762137&view=rev
Log:
Include access directives to encourage users to disallow public access
to perl-status, per recent issue CVE-2009-0796
Modified:
perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod
perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod
Modified: perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod
URL: http://svn.apache.org/viewvc/perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod?rev=762137&r1=762136&r2=762137&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod (original)
+++ perl/modperl/docs/trunk/src/docs/1.0/api/Apache/Status.pod Sun Apr 5 19:12:50 2009
@@ -5,6 +5,12 @@
=head1 Synopsis
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlHandler Apache::Status
</Location>
@@ -17,6 +23,12 @@
Configure like so:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlHandler Apache::Status
</Location>
Modified: perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod
URL: http://svn.apache.org/viewvc/perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod?rev=762137&r1=762136&r2=762137&view=diff
==============================================================================
--- perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod (original)
+++ perl/modperl/docs/trunk/src/docs/2.0/api/Apache2/Status.pod Sun Apr 5 19:12:50 2009
@@ -8,6 +8,12 @@
=head1 Synopsis
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler modperl
PerlOptions +GlobalRequest
PerlResponseHandler Apache2::Status
@@ -16,6 +22,12 @@
or
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlResponseHandler Apache2::Status
</Location>
@@ -31,6 +43,12 @@
Configure like so:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler modperl
PerlOptions +GlobalRequest
PerlResponseHandler Apache2::Status
@@ -45,6 +63,12 @@
core handler, configure C<Apache2::Status> as:
<Location /perl-status>
+
+ # disallow public access
+ Order Deny, Allow
+ Deny from all
+ Allow from 127.0.0.1
+
SetHandler perl-script
PerlResponseHandler Apache2::Status
</Location>
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-cvs-unsubscribe@perl.apache.org
For additional commands, e-mail: docs-cvs-help@perl.apache.org