?
Solved

Stopping wget on Apache2 Ubuntu server

Posted on 2008-10-06
6
Medium Priority
?
436 Views
Last Modified: 2013-11-15
I have a Ubuntu 8.04.1 server that serves PHP,MySQL and Java.
 It uses Apacee2, to protect the code I want to disallow WGET preferably globally
 without needing to enable .htaccess

 What command is required in what file in the /etc/apache2 directory to acheve this ?

 
0
Comment
Question by:itlearner1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 4

Accepted Solution

by:
urgoll earned 1000 total points
ID: 22655895
Hello,
I'm not sure why you want to disallow wget. wget is a command-line utility that simulates a web browser access, i.e. it cannot do anything a browser wouldn't be able to do.

wget should not be able to look at your PHP code; PHP is executed on the web server, and is used to generate your actual viewable content. If you can get at the PHP code using WGET or a web browser, PHP is not properly executing on your server and is a completely different question.

Hope this helps clear things up,
Christophe
0
 

Author Comment

by:itlearner1
ID: 22656292

 On the advice of a Wiley book. But the book describes only how to do it with .htaccess which is
 disabled on my machine because I understand it to be better to handle security globally through apache
 config files if possible. Unfortunately apache is done differently in Ubuntu then what is described in most
 articles on the net.
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22656525
To be pedantic, .htaccess is also an Apache config file. Though it is true that it's marginally better to handle it centrally for two reasons:
- all the information is located in a single place; and
- if .htaccess is completely disabled, then apache will not waste time looking for it on every request, so you get a small performance gain.

That said, can you give me the reference to the Wiley book (title, author, ISBN, page number) ? I can look it up and get a feeling for what they are trying to achieve. As I said, if PHP is properly configured your web server should execute the PHP code, not serve it to the web client.

Regards,
Christophe
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question