From c0b7206652b2852bc574694e7ba07ba1c2acdc00 Mon Sep 17 00:00:00 2001 From: hongbotian Date: Mon, 30 Nov 2015 03:10:21 -0500 Subject: delete app Change-Id: Id4c572809969ebe89e946e88063eaed262cff3f2 Signed-off-by: hongbotian --- .../docs/manual/misc/security_tips.html.ko.euc-kr | 345 --------------------- 1 file changed, 345 deletions(-) delete mode 100644 rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr (limited to 'rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr') diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr deleted file mode 100644 index 58c56f14..00000000 --- a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr +++ /dev/null @@ -1,345 +0,0 @@ - - - -º¸¾È ÆÁ - Apache HTTP Server - - - - - -
<-
-

º¸¾È ÆÁ

-
-

°¡´ÉÇÑ ¾ð¾î:  en  | - ko  | - tr 

-
-
ÀÌ ¹®¼­´Â ÃÖ½ÅÆÇ ¹ø¿ªÀÌ ¾Æ´Õ´Ï´Ù. - ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼­¸¦ Âü°íÇϼ¼¿ä.
- -

À¥¼­¹ö¸¦ ¿î¿µÇÒ¶§ µµ¿òÀÌ µÉ º¸¾È °ü·Ã ÈùÆ®¿Í ÆÁÀÌ´Ù. - ¾î¶² °ÍÀº ÀϹÝÀûÀÌ°í, ¾î¶² °ÍÀº ¾ÆÆÄÄ¡¿¡¸¸ ÇØ´çÇÏ´Â °ÍÀÌ´Ù.

-
- -
top
-
-

ÃÖ½ÅÆÇÀ¸·Î À¯ÁöÇϱâ

- -

¾ÆÆÄÄ¡ À¥¼­¹ö´Â ¾ÈÀü°ú º¸¾È ¹®Á¦¿¡ °ü½ÉÀÌ ¸¹Àº °³¹ßÀÚ - °øµ¿Ã¼·Î À¯¸íÇÏ´Ù. ±×·¯³ª Å©°Ç ÀÛ°Ç ¹ßÇ¥ÈÄ ¹ß°ßµÇ´Â ¹®Á¦µéÀ» - ÇÇÇÒ ¼ö ¾ø´Ù. ±×·¡¼­ ¼ÒÇÁÆ®¿þ¾î¸¦ ÃֽŹöÀüÀ¸·Î À¯ÁöÇÏ´Â - °ÍÀÌ Áß¿äÇÏ´Ù. ¾ÆÆÄÄ¡¿¡¼­ Á÷Á¢ À¥¼­¹ö¸¦ ´Ù¿î·ÎµåÇß´Ù¸é, - »õ·Î¿î ¹öÀü°ú º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¾Ë·ÁÁÖ´Â ¾ÆÆÄÄ¡ - À¥¼­¹ö ¹ßÇ¥ ¸ÞÀϸµ¸®½ºÆ®¸¦ ±¸µ¶ÇÏ±æ °­·ÂÈ÷ ±ÇÇÑ´Ù. - ¾ÆÆÄÄ¡ ¼ÒÇÁÆ®¿þ¾î¸¦ ¹èÆ÷ÇÏ´Â ¸¹Àº Á¦»ïÀڵ鵵 ºñ½ÁÇÑ ¼­ºñ½º¸¦ - Á¦°øÇÑ´Ù.

- -

¹°·Ð À¥¼­¹ö Äڵ嶧¹®¿¡ À¥¼­¹ö°¡ °ø°ÝÀ» ´çÇÏ´Â °æ¿ì´Â - ¸¹Áö ¾Ê´Ù. ±×º¸´Ù Ãß°¡ ÄÚµå, CGI ½ºÅ©¸³Æ®, ÇÏÀ§ ¿î¿µÃ¼Á¦ÀÇ - ¹®Á¦·Î °ø°ÝÀ» ´çÇÏ´Â °æ¿ì°¡ ¸¹´Ù. ±×·¯¹Ç·Î Ç×»ó ÁÖÀÇÇϸç - ½Ã½ºÅÛÀÇ ¸ðµç ¼ÒÇÁÆ®¿þ¾î¸¦ ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.

- -
top
-
-

ServerRoot µð·ºÅ丮 ±ÇÇÑ

- - - -

º¸Åë root »ç¿ëÀÚ°¡ ¾ÆÆÄÄ¡¸¦ ½ÃÀÛÇÑ ÈÄ, ¿äûÀ» ¼­ºñ½ºÇϱâÀ§ÇØ - User Áö½Ã¾î·Î - ÁöÁ¤ÇÑ »ç¿ëÀÚ·Î º¯È¯ÇÑ´Ù. root°¡ ½ÇÇàÇÏ´Â ¸í·É¾î°¡ ÀÖ´Ù¸é, - root ÀÌ¿ÜÀÇ »ç¿ëÀÚ°¡ ¼öÁ¤ÇÏÁö ¸øÇϵµ·Ï ÁÖÀÇÇØ¾ß ÇÑ´Ù. ÀÌ - ÆÄÀϵéÀ» root¸¸ ¾µ ¼ö ÀÖ¾î¾ß ÇÏ°í, µð·ºÅ丮¿Í ¸ðµç »óÀ§µð·ºÅ丮µµ - ¸¶Âù°¡Áö´Ù. ¿¹¸¦ µé¾î, ServerRoot·Î /usr/local/apache¸¦ - »ç¿ëÇÑ´Ù¸é root »ç¿ëÀÚ°¡ ´ÙÀ½°ú °°ÀÌ µð·ºÅ丮¸¦ ¸¸µé±æ - Á¦¾ÈÇÑ´Ù:

- -

- mkdir /usr/local/apache
- cd /usr/local/apache
- mkdir bin conf logs
- chown 0 . bin conf logs
- chgrp 0 . bin conf logs
- chmod 755 . bin conf logs -

- -

±×·¯¸é /, /usr, /usr/local Àº root¸¸ÀÌ ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù. - httpd ½ÇÇàÆÄÀÏÀ» ¼³Ä¡ÇÒ¶§ ´ÙÀ½°ú °°ÀÌ º¸È£ÇØ¾ß ÇÑ´Ù:

- -

- cp httpd /usr/local/apache/bin
- chown 0 /usr/local/apache/bin/httpd
- chgrp 0 /usr/local/apache/bin/httpd
- chmod 511 /usr/local/apache/bin/httpd -

- -

htdocs ÇÏÀ§µð·ºÅ丮´Â ´Ù¸¥ »ç¿ëÀÚµéÀÌ ¼öÁ¤ÇÒ ¼ö ÀÖµµ·Ï - ¸¸µé ¼ö ÀÖ´Ù -- root´Â ±×°÷¿¡ ÀÖ´Â ÆÄÀÏÀ» ½ÇÇàÇÏÁöµµ, ¸¸µéÁöµµ - ¾Ê¾Æ¾ß ÇÑ´Ù.

- -

root°¡ ¾Æ´Ñ »ç¿ëÀÚ°¡ root°¡ ½ÇÇàÇϰųª ¾²±â°¡´ÉÇÑ ÆÄÀÏÀ» - ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù¸é ½Ã½ºÅÛÀÇ root ±ÇÇÑÀ» ÈÉÄ¥ ¼ö ÀÖ´Ù. ¿¹¸¦ - µé¾î, ´©±º°¡ httpd ½ÇÇàÆÄÀÏÀ» º¯°æÇÏ¿´´Ù¸é ´ÙÀ½¹ø ½ÃÀÛÇÒ¶§ - ÀÓÀÇÀÇ Äڵ带 ½ÇÇàÇÏ°Ô µÈ´Ù. logs µð·ºÅ丮°¡ (root°¡ ¾Æ´Ñ - »ç¿ëÀÚ¿¡°Ô) ¾²±â°¡´ÉÇÏ´Ù¸é ´©±º°¡ ·Î±×ÆÄÀÏÀ» ´Ù¸¥ ½Ã½ºÅÛÆÄÀÏ·Î - ½Éº¼¸µÅ©¸¦ °É¾î¼­ root°¡ ÆÄÀÏ¿¡ ÀÓÀÇÀÇ ÀڷḦ µ¤¾î¾µ ¼ö - ÀÖ´Ù. ·Î±×ÆÄÀÏÀÌ (root°¡ ¾Æ´Ñ »ç¿ëÀÚ¿¡°Ô) ¾²±â°¡´ÉÇÏ´Ù¸é - ´©±º°¡ ·Î±×¿¡ ÀÌ»óÇÑ ÀڷḦ ±â·ÏÇÒ ¼ö ÀÖ´Ù.

- -
top
-
-

Server Side Includes

- - - -

Server Side Includes (SSI)´Â ¼­¹ö °ü¸®ÀÚ¿¡°Ô º¸¾È»ó ¸î°¡Áö - ÀáÀçÀûÀÎ À§ÇèÀÌ´Ù.

- -

ù¹ø° À§ÇèÀº ¼­¹öÀÇ ºÎÇϸ¦ ´Ã¸®´Â Á¡ÀÌ´Ù. ¾ÆÆÄÄ¡´Â ÆÄÀÏ¿¡ - SSI Áö½Ã¾î°¡ ÀÖ´ÂÁö ¿©ºÎ¿Í °ü°è¾øÀÌ ¸ðµç SSI ÆÄÀÏÀ» ºÐ¼®ÇØ¾ß - ÇÑ´Ù. Á¶±Ý ºÎÇÏ°¡ ´ÃÁö¸¸, ¼­¹ö¸¦ ¿©·¯ »ç¶÷ÀÌ °°ÀÌ »ç¿ëÇÏ´Â - ȯ°æ¿¡¼­´Â ½É°¢ÇÒ ¼ö ÀÖ´Ù.

- -

¶Ç, SSI ÆÄÀÏÀº ÀϹÝÀûÀÎ CGI ½ºÅ©¸³Æ®¿Í µ¿ÀÏÇÑ À§ÇèÀ» - °¡Áø´Ù. SSI ÆÄÀÏ¿¡¼­ "exec cmd"¸¦ »ç¿ëÇϸé httpd.conf¿¡¼­ - ¾ÆÆÄÄ¡¸¦ ½ÇÇàÇϵµ·Ï ¼³Á¤ÇÑ »ç¿ëÀÚ¿Í ±×·ì ±ÇÇÑÀ¸·Î CGI - ½ºÅ©¸³Æ®³ª ÇÁ·Î±×·¥À» ½ÇÇàÇÒ ¼ö ÀÖ´Ù.

- -

ÀåÁ¡À» È°¿ëÇϸ鼭 SSI ÆÄÀÏÀÇ º¸¾ÈÀ» Çâ»ó½ÃÅ°´Â ¹æ¹ýÀÌ - ÀÖ´Ù.

- -

SSI ÆÄÀÏÀÌ °¡Á®¿Ã ¼ö ÀÖ´Â ÇÇÇظ¦ °Ý¸®ÇϱâÀ§ÇØ ¼­¹ö°ü¸®ÀÚ´Â - ÀϹÝÀûÀÎ CGI Àý¿¡¼­ ¼³¸íÇÏ´Â ¹æ¹ýÀ¸·Î - suexec¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù

- -

.htmlÀ̳ª .htm È®ÀåÀÚ¸¦ SSI ÆÄÀÏ·Î »ç¿ëÇÏ´Â °ÍÀº À§ÇèÇÏ´Ù. - ƯÈ÷ ¿©·¯ »ç¶÷ÀÌ °øÀ¯Çϰųª Åë½Å·®ÀÌ ¸¹Àº ¼­¹ö ȯ°æ¿¡¼­ - À§ÇèÇÏ´Ù. SSI ÆÄÀÏÀº ÀϹÝÀûÀ¸·Î ¸¹ÀÌ »ç¿ëÇÏ´Â .shtml °°Àº - º°µµÀÇ È®ÀåÀÚ¸¦ °¡Á®¾ß ÇÑ´Ù. ±×·¯¸é ¼­¹ö ºÎÇϸ¦ ÃÖ¼ÒÈ­ÇÏ°í - À§Çè¿ä¼Ò¸¦ ½±°Ô °ü¸®ÇÒ ¼ö ÀÖ´Ù.

- -

´Ù¸¥ ¹æ¹ýÀº SSI ÆäÀÌÁö°¡ ½ºÅ©¸³Æ®³ª ÇÁ·Î±×·¥À» ½ÇÇàÇÏÁö - ¸øÇϵµ·Ï ¸¸µå´Â °ÍÀÌ´Ù. Options Áö½Ã¾î¿¡¼­ Includes - ´ë½Å IncludesNOEXEC¸¦ »ç¿ëÇÑ´Ù. ±×·¡µµ ½ºÅ©¸³Æ®°¡ - ScriptAlias Áö½Ã¾î·Î - ÁöÁ¤ÇÑ µð·ºÅ丮¿¡ ÀÖ´Ù¸é <--#include virtual="..." -->¸¦ - »ç¿ëÇÏ¿© CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÒ ¼ö ÀÖÀ½À» ÁÖÀÇÇ϶ó.

- -
top
-
-

ÀϹÝÀûÀÎ CGI

- - - -

°á±¹ ´ç½ÅÀº Ç×»ó CGI ½ºÅ©¸³Æ®/ÇÁ·Î±×·¥ÀÇ ÀúÀÚ¸¦ ½Å·ÚÇØ¾ß - ÇÏ°í, °íÀÇ°Ç ½Ç¼öÀÌ°Ç CGIÀÇ ÀáÀçÀûÀÎ º¸¾È»ó ÇãÁ¡À» ¹ß°ßÇÒ - ¼ö ÀÖ¾î¾ß ÇÑ´Ù. ±âº»ÀûÀ¸·Î CGI ½ºÅ©¸³Æ®´Â À¥¼­¹ö »ç¿ëÀÚ - ±ÇÇÑÀ¸·Î ½Ã½ºÅÛ¿¡¼­ ¾î¶² ¸í·É¾î¶óµµ ½ÇÇàÇÒ ¼ö Àֱ⶧¹®¿¡ - ÁÖÀÇÀÖ°Ô È®ÀÎÇÏÁö ¾ÊÀ¸¸é ¸Å¿ì À§ÇèÇÏ´Ù.

- -

¸ðµç CGI ½ºÅ©¸³Æ®°¡ °°Àº »ç¿ëÀÚ·Î ½ÇÇàµÇ±â¶§¹®¿¡ ´Ù¸¥ - ½ºÅ©¸³Æ®¿Í (°íÀÇ°Ç ½Ç¼öÀÌ°Ç) Ãæµ¹ÇÒ °¡´É¼ºÀÌ ÀÖ´Ù. ¿¹¸¦ - µé¾î, »ç¿ëÀÚ A´Â »ç¿ëÀÚ B¸¦ ¸Å¿ì ½È¾îÇÏ¿©, »ç¿ëÀÚ BÀÇ CGI - µ¥ÀÌÅͺ£À̽º¸¦ Áö¿ö¹ö¸®´Â ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÒ ¼ö ÀÖ´Ù. ¾ÆÆÄÄ¡ - 1.2 ¹öÀüºÎÅÍ Æ÷ÇԵǾú°í ¾ÆÆÄÄ¡ ¼­¹ö¿¡¼­ Ưº°ÇÑ ÈÅ(hook)À¸·Î - µ¿ÀÛÇÏ´Â suEXEC´Â ½ºÅ©¸³Æ®¸¦ - ´Ù¸¥ »ç¿ëÀÚ·Î ½ÇÇàÇÏ´Â ¹æ¹ýÁß Çϳª´Ù. ´Ù¸¥ ´ëÁßÀûÀÎ ¹æ¹ý¿¡´Â - CGIWrapÀÌ ÀÖ´Ù.

- -
top
-
-

ScriptAliasÇÏÁö ¾ÊÀº CGI

- - - -

´ÙÀ½ Á¶°ÇÀ» ¸¸Á·ÇÒ¶§¸¸ »ç¿ëÀÚ°¡ ¾î¶² µð·ºÅ丮¿¡¼­¶óµµ - CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇϵµ·Ï Çã¿ëÇÒ ¼ö ÀÖ´Ù:

- -
    -
  • ´ç½ÅÀº °íÀÇ°Ç ½Ç¼öÀÌ°Ç »ç¿ëÀÚ°¡ ½Ã½ºÅÛÀ» °ø°Ý¿¡ ³ëÃâ½ÃÅ°´Â - ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÏÁö ¾Ê´Â´Ù°í ¹Ï´Â´Ù.
  • -
  • ½Ã½ºÅÛÀÇ ´Ù¸¥ ºÎºÐÀÇ º¸¾ÈÀÌ ¾àÇؼ­, ÀáÀçÀûÀÎ ÇãÁ¡À» - Çϳª ´õ ¸¸µé¾îµµ ³ªºüÁú °ÍÀÌ ¾ø´Ù°í »ý°¢ÇÏ´Â °æ¿ì.
  • -
  • »ç¿ëÀÚ°¡ ¾ø°í, ¾Æ¸¶ ¾Æ¹«µµ ¼­¹ö¸¦ ¹æ¹®ÇÏÁö¾Ê´Â °æ¿ì.
  • -
- -
top
-
-

ScriptAliasÇÑ CGI

- - - -

ƯÁ¤ µð·ºÅ丮¿¡¼­¸¸ CGI¸¦ ½ÇÇàÇÒ ¼ö ÀÖµµ·Ï Á¦ÇÑÇÏ¸é °ü¸®ÀÚ´Â - ÀÌµé µð·ºÅ丮¸¦ ÅëÁ¦ÇÒ ¼ö ÀÖ´Ù. ÀÌ °æ¿ì´Â scriptaliasÇÏÁö - ¾ÊÀº CGIº¸´Ù È®½ÇÈ÷ ¾ÈÀüÇÏ´Ù. ´Ü, ½Å·ÚÇÏ´Â »ç¿ëÀÚ¸¸ µð·ºÅ丮¿¡ - Á¢±ÙÇÒ ¼ö ÀÖ°í, °ü¸®ÀÚ°¡ »õ·Î¿î CGI ½ºÅ©¸³Æ®/ÇÁ·Î±×·¥ÀÇ - ÀáÀçÀûÀÎ º¸¾È»ó ÇãÁ¡À» °Ë»çÇÒ ¿ëÀÌ°¡ ÀÖ´Ù¸é.

- -

´ëºÎºÐÀÇ »çÀÌÆ®´Â scriptaliasÇÏÁö ¾ÊÀº CGI ¹æ½Ä ´ë½Å - ÀÌ ¹æ½ÄÀ» »ç¿ëÇÑ´Ù.

- -
top
-
-

µ¿Àû ³»¿ëÀ» »ý¼ºÇÏ´Â ´Ù¸¥ ¹æ¹ý

- - - -

- mod_php, mod_perl, mod_tcl, mod_python °°ÀÌ ¼­¹öÀÇ ÀϺηΠ- µ¿ÀÛÇÏ´Â ÀÓº£µðµå ½ºÅ©¸³Æ®´Â ¼­¹ö¿Í °°Àº »ç¿ëÀÚ·Î (User Áö½Ã¾î Âü°í) ½ÇÇàµÇ±â¶§¹®¿¡, - ½ºÅ©¸³Æ® ¿£ÁøÀÌ ½ÇÇàÇÏ´Â ½ºÅ©¸³Æ®´Â ÀáÀçÀûÀ¸·Î ¼­¹ö »ç¿ëÀÚ°¡ - Á¢±ÙÇÒ ¼ö ÀÖ´Â ¸ðµç °Í¿¡ Á¢±ÙÇÒ ¼ö ÀÖ´Ù. ¾î¶² ½ºÅ©¸³Æ® ¿£ÁøÀº - ¾î´ÀÁ¤µµ Á¦ÇÑÀ» ÇÏÁö¸¸, ¾ÈÀüÇÏ´Ù°í °¡Á¤ÇÏÁö ¾Ê´Â °ÍÀÌ ÁÁ´Ù.

- -
top
-
-

½Ã½ºÅÛ ¼³Á¤ º¸È£Çϱâ

- - - -

Á¤¸»·Î ¾ÈÀüÇÑ ¼­¹ö¸¦ ¿î¿µÇÏ·Á¸é »ç¿ëÀÚ°¡ - .htaccess ÆÄÀÏÀ» »ç¿ëÇÏ¿© ´ç½ÅÀÌ ¼³Á¤ÇÑ º¸¾È±â´ÉÀ» - º¯°æÇÏ±æ ¹Ù¶óÁö ¾ÊÀ» °ÍÀÌ´Ù. ±×·¯±âÀ§ÇØ ´ÙÀ½°ú °°Àº ¹æ¹ýÀÌ - ÀÖ´Ù.

- -

¼­¹ö ¼³Á¤ÆÄÀÏ¿¡ ´ÙÀ½À» Ãß°¡ÇÑ´Ù

- -

- <Directory />
- AllowOverride None
- </Directory> -

- -

±×·¯¸é »ç¿ë°¡´ÉÇϵµ·Ï ¸í½ÃÀûÀ¸·Î Çã¿ëÇÑ µð·ºÅ丮¸¦ Á¦¿ÜÇÏ°í´Â - .htaccess ÆÄÀÏÀ» »ç¿ëÇÒ ¼ö ¾ø´Ù.

- -
top
-
-

±âº»ÀûÀ¸·Î ¼­¹ö¿¡ ÀÖ´Â ÆÄÀÏ º¸È£Çϱâ

- - - -

»ç¶÷µéÀº Á¾Á¾ ¾ÆÆÄÄ¡ÀÇ ±âº» Á¢±Ù¿¡ ´ëÇØ À߸ø ¾Ë°íÀÖ´Ù. - Áï, ¼­¹ö°¡ ÀϹÝÀûÀÎ URL ´ëÀÀ ±ÔÄ¢À» »ç¿ëÇÏ¿© ÆÄÀÏÀ» ãÀ» - ¼ö ÀÖ´Ù¸é, Ưº°È÷ Á¶Ä¡¸¦ ÇÏÁö ¾Ê´ÂÇÑ Å¬¶óÀ̾ðÆ®¿¡°Ô ÆÄÀÏÀÌ - ¼­ºñ½ºµÉ ¼ö ÀÖ´Ù.

- -

¿¹¸¦ µé¾î, ¾Æ·¡¿Í °°Àº °æ¿ì:

- -

- # cd /; ln -s / public_html
- http://localhost/~root/ ¿¡ Á¢±ÙÇÑ´Ù -

- -

±×·¯¸é Ŭ¶óÀ̾ðÆ®´Â Àüü ÆÄÀϽýºÅÛÀ» µ¹¾Æ´Ù´Ò ¼ö ÀÖ´Ù. - À̸¦ ¸·±âÀ§ÇØ ¼­¹ö¼³Á¤¿¡¼­ ´ÙÀ½°ú °°Àº Á¶Ä¡¸¦ ÇÑ´Ù:

- -

- <Directory />
- Order Deny,Allow
- Deny from all
- </Directory> -

- -

±×·¯¸é ÆÄÀϽýºÅÛ À§Ä¡¿¡ ´ëÇØ ±âº» Á¢±ÙÀÌ °ÅºÎµÈ´Ù. - ¿øÇÏ´Â ¿µ¿ª¿¡ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ´ÙÀ½°ú °°Àº Directory ºí·ÏÀ» Ãß°¡ÇÑ´Ù.

- -

- <Directory /usr/users/*/public_html>
- Order Deny,Allow
- Allow from all
- </Directory>
- <Directory /usr/local/httpd>
- Order Deny,Allow
- Allow from all
- </Directory> -

- -

Location°ú Directory Áö½Ã¾î¸¦ °°ÀÌ »ç¿ëÇÏ´Â - °æ¿ì Ưº°È÷ ÁÖÀǸ¦ ±â¿ï¿©¶ó. ¿¹¸¦ µé¾î, <Directory - />°¡ Á¢±ÙÀ» °ÅºÎÇÏ´õ¶óµµ <Location - /> Áö½Ã¾î°¡ À̸¦ ¹«½ÃÇÒ ¼ö ÀÖ´Ù

- -

UserDir Áö½Ã¾î¸¦ - »ç¿ëÇÏ´Â °æ¿ì¿¡µµ ÁÖÀÇÇ϶ó. Áö½Ã¾î¸¦ "./" °°ÀÌ ¼³Á¤Çϸé - root »ç¿ëÀÚ¿¡ ´ëÇØ ¹Ù·Î À§ÀÇ °æ¿ì¿Í °°Àº ¹®Á¦°¡ ¹ß»ýÇÑ´Ù. - ¾ÆÆÄÄ¡ 1.3 ÀÌ»óÀ» »ç¿ëÇÑ´Ù¸é ¼­¹ö ¼³Á¤ÆÄÀÏ¿¡ ¾Æ·¡ ÁÙÀ» Ãß°¡Çϱæ - °­·ÂÈ÷ ±ÇÇÑ´Ù:

- -

- UserDir disabled root -

- -
top
-
-

·Î±× »ìÆ캸±â

- - - -

½ÇÁ¦·Î ¼­¹ö¿¡¼­ ¹«½¼ ÀÏÀÌ À־°í ÀÖ´ÂÁö ¾Ë·Á¸é ·Î±×ÆÄÀÏÀ» »ìÆìºÁ¾ß ÇÑ´Ù. ·Î±×ÆÄÀÏÀº - ÀÌ¹Ì ÀϾ Àϸ¸À» º¸°íÇÏÁö¸¸, ¼­¹ö¿¡ ¾î¶² °ø°ÝÀÌ ÀÖ¾ú´ÂÁö - ¾Ë·ÁÁÖ°í ÇöÀç ÇÊ¿äÇÑ ¸¸Å­ ¾ÈÀüÇÑÁö È®ÀÎÇÏ°Ô ÇØÁØ´Ù.

- -

¿©·¯°¡Áö ¿¹:

- -

- grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log
- grep "client denied" error_log | tail -n 10 -

- -

ù¹ø° ¿¹´Â À߸øµÈ - Source.JSP ¿äûÀ¸·Î ¼­¹öÁ¤º¸¸¦ ¾Ë¾Æ³¾ ¼ö ÀÖ´Â TomcatÀÇ - Ãë¾àÁ¡¸¦ ÀÌ¿ëÇÏ·Á´Â °ø°Ý Ƚ¼ö¸¦ ¾Ë·ÁÁÖ°í, µÎ¹ø° ¿¹´Â - Á¢±ÙÀÌ °ÅºÎµÈ Ãֱ٠Ŭ¶óÀ̾ðÆ® 10°³¸¦ ´ÙÀ½°ú °°ÀÌ º¸¿©ÁØ´Ù:

- -

- [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied - by server configuration: /usr/local/apache/htdocs/.htpasswd -

- -

Àß ¾Ë µíÀÌ ·Î±×ÆÄÀÏÀº ÀÌ¹Ì ¹ß»ýÇÑ »ç°Ç¸¸À» º¸°íÇÑ´Ù. - ±×·¡¼­ Ŭ¶óÀ̾ðÆ®°¡ .htpasswd ÆÄÀÏ¿¡ Á¢±ÙÇÒ - ¼ö ÀÖ¾ú´Ù¸é Á¢±Ù ·Î±×¿¡ - ´ÙÀ½°ú °°Àº ±â·ÏÀÌ ³²À» °ÍÀÌ´Ù:

- -

- foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" -

- -

Áï, ´ç½ÅÀº ¼­¹ö ¼³Á¤ÆÄÀÏ¿¡¼­ ´ÙÀ½ ºÎºÐÀ» ÁÖ¼®Ã³¸®ÇßÀ» - °ÍÀÌ´Ù:

- -

- <Files ~ "^\.ht">
- Order allow,deny
- Deny from all
- <Files> -

- -
-
-

°¡´ÉÇÑ ¾ð¾î:  en  | - ko  | - tr 

-
- \ No newline at end of file -- cgit 1.2.3-korg
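Review bot: The subject line "delete app" gives no reason for the removal, and this single hunk (@@ -1,345 +0,0) deletes all of rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr with no replacement or pointer. Please expand the commit message to say why the bundled httpd-2.0.64 tree under rubbos/app is being dropped and where the rubbos setup is expected to get httpd and its documentation from afterwards. The view here is limited to this one file, so the message should also state that the rest of the vendored tree goes in the same change; otherwise a reader of the history cannot tell whether a partial copy pinned to that version is left behind.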