httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Heinze, Sven" <Sven.Hei...@kla-tencor.com>
Subject RE: .htaccess file retrieved by browser
Date Fri, 17 May 2002 07:27:48 GMT
i was just wondering if this:

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

would not have an effect on .htm and .html files too ?

-----Original Message-----
From: Zac Stevens [mailto:burritob@cryptocracy.com]
Sent: Friday, May 17, 2002 2:23 AM
To: users@httpd.apache.org; Dummy
Subject: Re: .htaccess file retrieved by browser


Hola Andres,

On Thu, May 16, 2002 at 07:12:51PM -0500, Dummy wrote:
> I don't know if this behavior occurs by design, or is a reported bug in
> Apache, or even if it is a particular configuration problem.
> 
> Isn't Apache supposed not to serve this kind of files? Is there some
> httpd.conf directive I can turn on to solve this?

You'll need the following in your configuration:

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

This is in the sample configuration distributed with Apache these days.
Apache 1.3.12 is pretty long in the tooth and contains several security
problems.  I gather from your post that you aren't responsible for the
Apache installation itself - in which case you may wish to ask your
provider to upgrade to the current version.

Hope that helps,


Zac

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message