Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Linux Journal

Two-Factor Authentication System for Apache and SSH

If you run a publicly accessible Web server for your own use (and let's face it, if you're reading Linux Journal, there's a very good chance you do), how do you go about limiting the risk of someone ...
Ars Technica

Apache authentication based on the IP address

I wonder if this is possible to achieve using an .htaccess file.<br>I have a few virtual sites on a Apache server (2.0.43), that I have password protected it with an .htaccess file, everything is ...
Ars Technica

apache authentication

Is it possible to require basic authentication only if the requests are not coming from a specific IP range. <BR><BR>Just setting up basic authentication and adding the allow from <net>/<cidr> ...
Bleeping Computer

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits. Apache OFBiz (Open For Business) is an ...
TechRadar

These vulnerabilities in Apache HTTP Server enable HTTP Request Smuggling and SSL Authentication Bypass, posing severe threats to organizations worldwide

Apache's HTTP Server is a critical component for hosting web applications worldwide. Recently, two significant vulnerabilities CVE-2024-40725 and CVE-2024-40898 have surfaced, raising alarms across ...
Simon Fraser University

CAS Apache module

Before SFU adopted CAS as its authentication method for the web, we already had an Apache authentication/authorization module that allowed limited access control ...