[Chugalug] Access Control for LAMP

Mike Harrison cluon at geeklabs.com
Fri Oct 5 17:39:33 UTC 2012


>
> http://username@passwordtoken:server/internalapp

https. Always https.

and you never do that with microsoft systems, that URL gets
logged and cached in interesting places that trojans go looking for.

And it won't work with MSIE because they were comprimised so many times 
with such things. I forgot when the turned it off, but it was in response 
to it being abuses a lot.






More information about the Chugalug mailing list