Hi I need confirmation (mainly for some peace of mind, but also because reading google results, all sorts of questions from in my head). I have a user messing with a site using HTTP PUT to upload files. The user has access privileges to use a simple CMS (although for the time being now, they're revoked). Will switching off the permission for "WebDAV access" prevent any successful PUT or do we need to take further actions? We also allow FTP access to certain directories. Can this be abused to upload files elsewhere? Here's a log entry: 10.0.9.1 - potter [03/May/2006:17:02:02 +0100] "PUT /site/microsites/ harry/home/Home Page/page/add_block?block=1/ter_restrnt.jpg HTTP /1.1" 204 221 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.7.12) Gecko/20050915" 10.0.9.1 - potter [03/May/2006:17:02:02 +0100] "PUT /site/microsites/ harry/home/Home Page/page/add_block?block=1/small_show.jpg HTTP/ 1.1" 204 221 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.7.12) Gecko/20050915" 10.0.9.1 - potter [03/May/2006:17:02:03 +0100] "PUT /site/microsites/ harry/home/Home Page/page/add_block?block=1/small_c-exhibition00 31.jpg HTTP/1.1" 204 221 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915" 10.0.9.1 - potter [03/May/2006:17:02:04 +0100] "PUT /site/microsites/ harry/home/Home Page/page/add_block?block=1/College Logo.jpg HTT P/1.1" 204 221 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.7.12) Gecko/20050915" 10.0.9.1 - potter [03/May/2006:17:02:04 +0100] "PUT /site/microsites/ harry/home/Home Page/page/add_block?block=1/page/Home Page HTTP/ 1.1" 204 221 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: 1.7.12) Gecko/20050915" Thanks for any help. DR