httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Smith <paullo...@pscs.co.uk>
Subject [users@httpd] Security & Case sensitivity in Windows
Date Wed, 19 Mar 2003 17:30:28 GMT
I've got Apache 1.3.26 for Win32 (yes, I know I should upgrade to 1.3.27..)

Trying to limit access to certain URIs I have a configuration like this:

<VirtualHost 1.2.3.4:80>
	ServerName mysite.co.uk
#blah blah
<Location /admin/>
	order deny,allow
	deny from all
	allow from 192.168.1.1
</Location>
</VirtualHost

On the face of it this should restrict access to the 
'mysite.co.uk/admin/...' directory

In fact, it DOES restrict access to that folder, BUT it does NOT restrict 
access to 'mysite.co.uk/Admin/...' This would be fine on Unix file systems, 
but not on Windows ones, where /admin/ and /Admin/ are the same.

So:
- is there a way to make Apache not case sensitive when checking 
Location/LocationMatch directives
- would upgrading to 2.0.44 solve the problem (I can't see anything obvious 
in the change log, but case insensitivity may have slipped in anyway)
- or have I found a new problem....

Suggestions?

Paul				VPOP3 - Internet Email Server/Gateway
support@pscs.co.uk			http://www.pscs.co.uk/



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message