[nzlug] BrowserMatch controlled behaviour for Apache?
R. Eimann
subscr_nzlug at busy-byte.de
Sat Jul 5 14:42:10 NZST 2008
Hi,
Is there an easy way to use the BrowserMatch directive in Apache's config
to ignore requests originating from IE/Windows?
I don't have a particular problem with Windows users, but I've got a
log-in page on one of my private machines which authenicates users via
/etc/{passwd,shadow} and I want to make sure that requests for the login
page will not be answered if they originate from one of their
dodgy-as-hell Windows boxes which may have keyloggers installed that
nobody knows about. In particular because there also an SSH service
running on the box that also authenticates peole via /etc/{passwd,shadow}.
I know that the User-Agent header field can easily be spoofed, but not by
the to users I have in mind here.
Would appreciate some pointers...
Cheers,
--
R. Eimann
More information about the NZLUG
mailing list