I need to add to prevent attack:
# a2enmod headers
RequestHeader unset Range
RequestHeader unset Request-Range
Where I can add it? This is my htttp.conf, maybe another file?
<VirtualHost *>
ServerName www.example.com
DocumentRoot /path/
<Location "/">
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE projectname.settings
PythonDebug Off
PythonAutoReload Off
PythonPath "['/usr/local/lib/python2.7/dist-packages/django','/usr/local/lib/python2.7/sidt-packages/django/bin/projectname'] + sys.path"
</Location>
<Location "/media/">
SetHandler None
</Location>
<Location "/static/">
SetHandler None
</Location>
</VirtualHost>
Sorry, maybe I'm asking question without preparations, but I need to prevent attacks.
According to:
http://httpd.apache.org/docs/current/mod/mod_headers.html#requestheader
You can set this anywhere. If you are doing it to prevent attacks you probably want to make it global, so put it above your first:
declaration.
according to Apache documentation context have to be: Context: server config, virtual host, directory, .htaccess
so, not "anywhere". e.g. not in location context.