|
From: Chris <chr...@ms...> - 2005-09-17 13:30:49
|
<harry_b <at> mm.st> writes: > > > Hi, > > I think its a good thing to be able to configure it in .htaccess files. > This comes in handy if you have to disable it for certain apps, e.g. > phpMySQL or some documentation system where I e.g. want to document > administration steps which contain SQL statements and other such kinda > admin tools. > > Just my 2 cents. > > Harry > > --On Monday, September 27, 2004 19:34:20 +0100 Ivan Ristic > <ivanr <at> webkreator.com> wrote: Well it should be made so it cant overide, what happens if someone signs up to a webhost that runs mod_security and decides to overide it to help them break into the server, kind of defeats the purpose if a normal user can just disable it. |
