Username: 
Password: 
Restrict session to IP 
Questions  |  score: 2  |  3.01 4.88 4.58 |  Solved By 1789 People  |  85746 views  |  since Feb 02, 2011 - 20:33:07

Limited Access Too (Exploit, HTTP)

Limited Access Too
Haha, thank you so much for your feedback from the first challenge.
Especially thanks to a special person who sent in a fixed .htaccess to secure my pages.
The protected/protected.php is now secured :)

To prove me wrong, please access protected/protected.php again.
GeSHi`ed Plaintext code for .htaccess
1
2
3
4
56
7
8
9
1011
12
13
AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName "Authorization Required for the Limited Access Too Challenge"
AuthType Basic
<Limit GET POST HEAD PUT DELETE CONNECT OPTIONS PATCH>require valid-user
</Limit>
# TRACE is not allowed in Limit if TraceEnable is off, so disallow it completely
# to support both TraceEnable being on and off
RewriteEngine OnRewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule ^ - [F]
 
© 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by wannabe7331 and lordOric