Found this code inside htaccess - is an Exploit?

Discussion in 'Apache' started by misohoni, May 9, 2011.

0
  1. #1
    This the code I found, seems like the server's pwd is copied over? No idea what it means and what bits I should keep/remove:

    # -FrontPage-

IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName SITE URL
AuthUserFile /FULL URL/_vti_pvt/service.pwd
AuthGroupFile /FULL URL/_vti_pvt/service.grp
    Code (markup):
     
    misohoni, May 9, 2011 IP
  2. MartinPrestovic

    MartinPrestovic Peon

    Messages:
    213
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #2
    No, it is as it says, for FrontPage. If you are not using FrontPage to manage your site you can actually remove it and deactivate FrontPage Extensions in your control panel.
     
    MartinPrestovic, May 10, 2011 IP
  3. DaleB

    DaleB Peon

    Messages:
    107
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    As above, that's coding for FrontPage.

    What do you run your site on?
     
    DaleB, May 10, 2011 IP
  4. misohoni

    misohoni Notable Member

    Messages:
    1,717
    Likes Received:
    32
    Best Answers:
    0
    Trophy Points:
    200
    #4
    Thanks guys, it doesn't use Frontpage...but if I keep it there is should be ok?
     
    misohoni, May 13, 2011 IP
  5. MartinPrestovic

    MartinPrestovic Peon

    Messages:
    213
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #5
    If your not using Frontpage it will be fine whether you leave it there or not.
     
    MartinPrestovic, May 13, 2011 IP