[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Restricting access to certain file types HELP!

Subject: RE: [cobalt-security] Restricting access to certain file types HELP!
From: "Ervin Tarkhanian" <ervin@xxxxxxxxxx>
Date: Wed, 31 Oct 2001 20:12:28 -0800
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Ted,

Thanks for the reminder, but we only have Real & Windows Media on the site.
I just need to "disable" access to those files until the customer is ready
to "enable" them.  Basically if a request for *.rm, *.ram, *.asx, or *.asf
if made, I need to redirect the user.  RedirectMatch directive in the
.htaccess worked on the previous *nix server, but it doesn't on my RAQ 4.

Any suggestions on how to do this?

TIA
Ervin

-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Ted Behling
Sent: Wednesday, October 31, 2001 7:49 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Restricting access to certain file types
HELP!

At 10:23 PM 10/26/01, Ervin Tarkhanian wrote:
>I need to restrict access to all Real media files & Windows Media on a
site.
 >
 >
>RedirectMatch .*.ram    http://www.domain.com/novideo.html
>RedirectMatch .*.rm     http://www.domain.com/novideo.html
>RedirectMatch .*.asx    http://www.domain.com/novideo.html
>RedirectMatch .*.asf    http://www.domain.com/novideo.html

Don't forget .wmv, .wma, .wax, .wvx, and .wm for Windows Media.  For Real,
you might want to include .smi, .smil, .ra, .rmm, .rt, .rmj, .rms, and .rp
.  Those are all the Windows Media- and RealPlayer-specific extensions
listed in the programs' Open dialogs.  Of course, restricting access by
file extension doesn't provide any real security, as user agents pay
attention only to MIME types.  A Webmaster can assign any MIME type to any
file extension in their .htaccess file or with a two-line CGI/PHP script
that writes the header then echoes the file.  Therefore, you might be
better off to restrict by MIME type rather than file extension, although I
don't think this will get around the CGI/PHP possibility (haven't
tried).  Do you care about QuickTime?

--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.

43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894    Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

References:
- Re: [cobalt-security] Restricting access to certain file types HELP!
  - From: Ted Behling

Prev by Date: Re: [cobalt-security] Restricting access to certain file types HELP!
Next by Date: Re: [cobalt-security] cannt telnet after installing SSH
Previous by thread: Re: [cobalt-security] Restricting access to certain file types HELP!
Next by thread: Re: [cobalt-security] Restricting access to certain file types HELP!

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index