2 posts • joined Saturday 20th June 2009 19:43 GMT
"For example, the Event MPM effectively nullifies this attack, and was first included in a production release of Apache in 2005."
It may well be included in production releases of Apache, but the documentation for the latest release says:
"This MPM is experimental, so it may or may not work as expected." (http://httpd.apache.org/docs/2.2/mod/event.html).