Hardening HTAccess, Part Three

by Robert Hansen
Sept. 23, 2017 0 comments Symantec Pen Testing & Audits htaccess

This is the third and final installment in a series devoted to hardening htaccess to make it more stable and lessen the chances of successful brute force attacks. The first installment offered a brief overview of htaccess, along with a look at a couple of hacking tools and methodologies to which htaccess is particularly susceptible. We particularly covered ways in which wwwhack can be used to infiltrate htaccess. In the second article, we explored a couple of ways of foiling wwwhack, namely headers masking and content masking. This installment will look at a few more issues involved with hardening htaccess.