[mod-security-users] Feedback on changing default HTTP 500 Response
Brought to you by:
victorhora,
zimmerletw
From: Steve W. <ste...@ya...> - 2006-09-20 04:44:37
|
Hi folks, I was thinking about changing the default block message from the generic 500 error (Internal Server Error) to something more meaningful and was wondering what some folks here thought about this? I've always been the type to believe security via obscurity is better than disclosing too much information. Unfortunately, I think we might be blocking some legitimate requests. I was thinking a custom error message that states something to the effect "your request was denied due to a possible security violation...". On the other hand, would telling a possible hacker this info. just make them more determined? Thanks, SW __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com |