From a7cb0f2ff41c84defa02182cb73eff7a74e3d817 Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Mon, 20 Feb 2012 15:01:57 +0100 Subject: [PATCH] lighttpd/stdout.nl: Add authentication for /beef. Beef is a browser exploit framework, useful for testing XSS vulnerabilities. --- etc/lighttpd/vhosts/stdout-nl | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/etc/lighttpd/vhosts/stdout-nl b/etc/lighttpd/vhosts/stdout-nl index 1fbb4e4..1bd9fb8 100644 --- a/etc/lighttpd/vhosts/stdout-nl +++ b/etc/lighttpd/vhosts/stdout-nl @@ -19,4 +19,18 @@ $HTTP["host"] =~ ".stdout.nl$" { # Enable dirlistings for /tmp server.dir-listing = "enable" } + + $HTTP["url"] =~ "^/beef/" { + auth.backend = "htpasswd" + auth.backend.htpasswd.userfile = var.site-dir + "/conf/beef.user" + + auth.require = ( + "/" => ( + "method" => "basic", + "realm" => "Beef", + "require" => "valid-user" + ) + ) + } + } -- 2.30.2