[sllug-members]: Apache log analyzer
Knight Walker
kwalker at kobran.org
Tue Feb 24 14:38:51 MST 2009
On Tue, 2009-02-24 at 13:54 -0700, Remo Mattei wrote:
> That has too many security holes that’s why I stopped using it.
They patched those, but I was also one of the people who fell victim to
AWstat's security holes, so I have setup my Apache configuration to
allow access to AWstats only from my own trusted subnets.
Like so:
<Directory "/usr/share/awstats/wwwroot">
Options None
AllowOverride None
Order allow,deny
Allow from 127.0.0.1 .kobran.org 10.123.123.
</Directory>
# Additional Perl modules
<IfModule mod_env.c>
SetEnv PERL5LIB /usr/share/awstats/lib:/usr/share/awstats/plugins
</IfModule>
That, plus SELinux have protected me since then.
-KW
More information about the sllug-members
mailing list