I also noticed, when looking through the access logs, that there are numerous calls to PROPFIND (that all meet a 405 server response). My question is, is there a way to not allow a PROPFIND request? I have a section of a sample httpd.conf file, but I am not sure what to do with it. Any help would be much appreciated.
From the access logs (**** are used to replace actual directory names that I cannot show):
Code: Select all
69.109.252.201 - - [16/Sep/2006:00:00:02 -0700] "PROPFIND /**** HTTP/1.1" 405 22869
69.109.252.201 - - [16/Sep/2006:00:00:23 -0700] "PROPFIND /**** HTTP/1.1" 405 22869
69.109.252.201 - - [16/Sep/2006:00:00:33 -0700] "PROPFIND /**** HTTP/1.1" 405 22869
66.234.220.62 - - [16/Sep/2006:01:41:31 -0700] "PROPFIND /SysVol HTTP/1.1" 405 22869
66.234.220.62 - - [16/Sep/2006:01:41:31 -0700] "PROPFIND /SysVol HTTP/1.1" 405 22869
71.202.249.191 - - [16/Sep/2006:07:01:06 -0700] "PROPFIND /SysVol HTTP/1.1" 405 22869
71.202.249.191 - - [16/Sep/2006:07:01:06 -0700] "PROPFIND /**** HTTP/1.1" 405 22869
71.202.249.191 - - [16/Sep/2006:07:01:06 -0700] "PROPFIND /SysVol HTTP/1.1" 405 22869
71.202.249.191 - - [16/Sep/2006:07:01:08 -0700] "PROPFIND /**** HTTP/1.1" 405 22869Code: Select all
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
# You must correct the path for the root to match your system's configured
# user directory location, e.g. "C:/WinNT/profiles/*/My Documents/My Website"
# or whichever, as appropriate.
#
#<Directory "C:/Documents and Settings/*/My Documents/My Website">
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>