Hi,
We have just noticed that pages on our sites can be access with arbitrary extensions. For example, http://www.mysite.com/home.html, is also being served with http://www.mysite.com/home.php, http://www.mysite.com/home.asp, http://www.mysite.com/home.do, http://www.mysite.com/home.foo as well as http://www.mysite.com/home.php.html, http://www.mysite.com/home.asp.html, etc.
I can disable all these extensions in the dispatcher.any, but this is not elegant, as I either have to add lots of deny lines or accidentally disable valid extensions.
Is there an elegant way to prevent this from happening?
Thanks in advance,
Behrang
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Behrang,
Seem like your current configuration is not as per recommendation. Please Use a “whitelist” approach. Deny everything and only allow what you need. Watch out our Webinar Recording: http://my.adobeconnect.com/p7th2gf8k43/
Thanks,
Sham
Views
Replies
Total Likes
Hi Behrang,
Seem like your current configuration is not as per recommendation. Please Use a “whitelist” approach. Deny everything and only allow what you need. Watch out our Webinar Recording: http://my.adobeconnect.com/p7th2gf8k43/
Thanks,
Sham
Views
Replies
Total Likes