Hacker News new | ask | show | jobs
by marcuspovey 4974 days ago
You've got to watch this... Apache typically limits this to localhost, but if you use squid as a reverse proxy (quite common) then you can see this easily being exposed since all requests will appear to come from the local machine.
2 comments
ludwigvan 4974 days ago
Similarly, if you are using nginx in front of apache, watch out.
link
chokma 4974 days ago
And Ubuntu server 12.04 seems to enable this by default without access limit -

    sudo a2dismod status
helps to disable it.
link