mod_rootme broken in 2.4.18-2ubuntu3.2, requires config change

[jeffmcjunkin]

https://launchpad.net/ubuntu/+source/apache2/2.4.18-2ubuntu3.2

Fix is to add HttpProtocolOptions Unsafe to Apache configuration, for example as follows:

echo HttpProtocolOptions Unsafe >> /etc/apache2/apache2.conf

Hint to future GitHub-stalkers: Yes, at least one Counter Hack challenge may use this backdoor :P

[sajith]

Thanks for the report, Jeff! And apologies about being such a laggard.

I am not really the upstream maintainer of this code, but I suppose I could at least keep the README up-to-date. I will update it.

[jeffmcjunkin]

Thanks, @sajith! I didn't expect the code to be "maintained" in that sense, I was just looking to document the issue somewhere.