Solved

Stopping wget on Apache2 Ubuntu server

Posted on 2008-10-06
6
423 Views
Last Modified: 2013-11-15
I have a Ubuntu 8.04.1 server that serves PHP,MySQL and Java.
 It uses Apacee2, to protect the code I want to disallow WGET preferably globally
 without needing to enable .htaccess

 What command is required in what file in the /etc/apache2 directory to acheve this ?

 
0
Comment
Question by:itlearner1
  • 2
6 Comments
 
LVL 4

Accepted Solution

by:
urgoll earned 250 total points
ID: 22655895
Hello,
I'm not sure why you want to disallow wget. wget is a command-line utility that simulates a web browser access, i.e. it cannot do anything a browser wouldn't be able to do.

wget should not be able to look at your PHP code; PHP is executed on the web server, and is used to generate your actual viewable content. If you can get at the PHP code using WGET or a web browser, PHP is not properly executing on your server and is a completely different question.

Hope this helps clear things up,
Christophe
0
 

Author Comment

by:itlearner1
ID: 22656292

 On the advice of a Wiley book. But the book describes only how to do it with .htaccess which is
 disabled on my machine because I understand it to be better to handle security globally through apache
 config files if possible. Unfortunately apache is done differently in Ubuntu then what is described in most
 articles on the net.
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22656525
To be pedantic, .htaccess is also an Apache config file. Though it is true that it's marginally better to handle it centrally for two reasons:
- all the information is located in a single place; and
- if .htaccess is completely disabled, then apache will not waste time looking for it on every request, so you get a small performance gain.

That said, can you give me the reference to the Wiley book (title, author, ISBN, page number) ? I can look it up and get a feeling for what they are trying to achieve. As I said, if PHP is properly configured your web server should execute the PHP code, not serve it to the web client.

Regards,
Christophe
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

After running Ubuntu some time, you will be asked to download updates for fixing bugs and security updates. All the packages you download replace the previous ones, except for the kernel, also called "linux-image". This is due to the fact that w…
This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now