Saturday, March 03, 2018

securing lighttpd

Brief notes on securing lighttpd, the light-weight web-server - 

https://www.packtpub.com/mapt/book/networking_and_servers/9781847192103/7

# deny access to all files below a certain path
$HTTP["url"] =~ "/certain-path/" { url.access-deny = ("") }
# deny access on all jpeg images to the Google bot
$HTTP["useragent"] =~ "Google" { url.access-deny = (".jpg") }
# deny access by referrer
$HTTP["referrer"] !~ "^($|www.ourhost.com)" {
url.access-deny = ("")
}

under mod_access

and also passwd auth.

No comments:

Post a Comment