httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rbo...@apache.org
Subject svn commit: r684326 - in /httpd/httpd/trunk/docs/manual/mod: core.html.en core.xml
Date Sat, 09 Aug 2008 20:12:32 GMT
Author: rbowen
Date: Sat Aug  9 13:12:31 2008
New Revision: 684326

URL: http://svn.apache.org/viewvc?rev=684326&view=rev
Log:
Admonish people not to put "AllowOverride All" in <Directory /> and
expect it to do anything useful.

Modified:
    httpd/httpd/trunk/docs/manual/mod/core.html.en
    httpd/httpd/trunk/docs/manual/mod/core.xml

Modified: httpd/httpd/trunk/docs/manual/mod/core.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.html.en?rev=684326&r1=684325&r2=684326&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.html.en Sat Aug  9 13:12:31 2008
@@ -500,6 +500,14 @@
     <code>AuthConfig</code> nor <code>Indexes</code> cause an internal
     server error.</p>
 
+    <div class="note"><p>For security and performance reasons, do not set
+    <code>AllowOverride</code> to anything other than <code>None</code>

+    in your <code>&lt;Directory /&gt;</code> block. Instead, find (or
+    create) the <code>&lt;Directory&gt;</code> block that refers to the
+    directory where you're actually planning to place a
+    <code>.htaccess</code> file.</p>
+    </div>
+
 <h3>See also</h3>
 <ul>
 <li><code class="directive"><a href="#accessfilename">AccessFileName</a></code></li>

Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=684326&r1=684325&r2=684326&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Sat Aug  9 13:12:31 2008
@@ -461,6 +461,14 @@
     <p>In the example above all directives that are neither in the group
     <code>AuthConfig</code> nor <code>Indexes</code> cause an internal
     server error.</p>
+
+    <note><p>For security and performance reasons, do not set
+    <code>AllowOverride</code> to anything other than <code>None</code>

+    in your <code>&lt;Directory /&gt;</code> block. Instead, find (or
+    create) the <code>&lt;Directory&gt;</code> block that refers to the
+    directory where you're actually planning to place a
+    <code>.htaccess</code> file.</p>
+    </note>
 </usage>
 
 <seealso><directive module="core">AccessFileName</directive></seealso>



Mime
View raw message