httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch>
Subject Re: Way to disable non-vhost requests?
Date Sun, 01 Sep 2013 11:20:55 GMT
Am Montag, 19. August 2013, 08:26:57 schrieb Rainer Jung:
> On 18.08.2013 18:55, Stefan Fritsch wrote:
> > for setups that only use virtual hosts, it can be useful to deny
> > requests in the main server context with a meaningful error
> > message. This can make debugging configuration errors much
> > easier.
> > 
> > AFAICS, there is no easy way to achieve this. Or did I miss
> > something? Any opinions about adding a new config directive for
> > this purpose? If yes, how should this be named?
> > AllowNonVHostRequests (with a default of 'yes')?
> > 
> > An alternative would be to expose server_rec->is_virtual in the
> > expressoin parser and have the admin add an appropriate <If>
> > section to deny access. However this has higher overhead at run
> > time and the error message in the log would be less descriptive.
> I might have overlooked something stupid, but why not using a
> _default_ vhost and disabling all requests there? I thought it
> would be a catchall and its config is not being merged to the other
> vhosts.

True, I didn't think of that. _default_ is gone in 2.4, but * should 
work. I was looking for something to use in the Debian default 
configuration, though, and there it should be still be possible for 
the admin to easily use a "<VirtualHost *>" if he wants. But maybe 
that would still work if I put my catch-config-errors vhost after the 
virtual hosts configured by the admin. I will have to check.

View raw message