This plugin finds .htaccess misconfigurations in the LIMIT configuration parameter. This plugin is based on a paper written by Frame and madjoker from kernelpanik.org. The paper is called : “htaccess: bilbao method exposed” The idea of the technique (and the plugin) is to exploit common misconfigurations of .htaccess files like this one: <LIMIT GET> require valid-user </LIMIT> The configuration only allows authenticated users to perform GET requests, but POST requests (for example) can be performed by any user.
This plugin doesn’t have any user configured options.
This plugin has no dependencies.