Template: dpkg-www/update-apache-config
Type: note
_Description: Disabling access to dpkg-www from foreign hosts.
 Allowing access to /cgi-bin/dpkg from any foreign host could allow a
 malicious external user to know your installed packages and try possible
 security exploits. You should therefore disable access to dpkg-www from
 foreign hosts. With apache you should add a file with the following
 instructions into apache conf.d directory:
 .
    # Disable execution of dpkg from remote hosts
    <Location /cgi-bin/dpkg>
        order deny,allow
        deny from all
        allow from localhost
        allow from .your.domain
    </Location>
 .
 The dpkg-www installation script will automatically install a default
 configuration file in /etc/{apache,apache2}/conf.d. If you are using a
 different httpd server you should make the appropriate changes in the
 proper httpd config file.
