httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chittaranjan Mandal" <Chittaranjan.Man...@iitkgp.ac.in>
Subject Re: [users@httpd] url rewriting for non-~ user home dirs.
Date Thu, 08 Jul 2004 13:47:28 GMT
[Reply to message from "Joshua Slive" on Thursday 08 Jul 2004 6:45 pm]

> > The following lines enable me to access home directories using urls of
> > the form: http://<domain>/people/user.name/<tail> instead of
> >       http://<domain>/~user/<tail>
> >
> > How can I suppress direct access to user home directories using urls of
> > the form http://<domain>/~user/<tail> altogether?
>
> Remove the module mod_userdir or change "UserDir public_html" to
> "UserDir disabled".
But I do need suExec to work so that user cgi-bin programs run with the the
corresponding user-ids. If I am not mistaken, suExec relies on urls starting
with ~user to do that.

In fact, I found that any rewriting of cgi-bin urls causes suExec to fail.
Is that expected or a bug with suExec?

For example, if I rewrite /~user/cgi-bin/XYZ/tail to /~user/cgi-bin/tail/
suExec do not work anymore, and the script runs with the uid of apache.

The following rewriting scheme solved my problem, without distrubing suExec.

<IfModule mod_rewrite.c>

RewriteEngine on
RewriteMap    lowercase      int:tolower
RewriteMap    name-to-login  txt:/home/common/http/map.name-to-login

RewriteCond   %{REMOTE_ADDR}   !^WEB\.SERVER\.IP\.ADDR$
RewriteRule   ^/~.*$           - [F]

RewriteRule   ^/people/([^/]+)(.*)$           /people/${lowercase:$1}$2
RewriteRule   ^/people/([^/]+)/cgi-bin/(.*)$  /~${name-to-login:$1|nobody}/cgi-bin/$2 [P]
RewriteRule   ^/people/([^/]+)(.*)$           /~${name-to-login:$1|nobody}/public_html/$2

</IfModule>

-Chitta

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message