httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From O-One <>
Subject [users@httpd] Securing Apache under Windows
Date Tue, 28 Dec 2004 04:58:00 GMT
Hello all, 

I am trying to add some security other than ssl on my
Apache. In looking at the Apache Documentation, I saw
that the following 3 should be included in the
httpd.conf file.

Protecting System Settings

<Directory /> 
AllowOverride None 

Protect Server Files by Default

<Directory /> 
Order Deny,Allow 
Deny from all 

<Directory /usr/users/*/public_html> 
Order Deny,Allow 
Allow from all 
<Directory /usr/local/httpd> 
Order Deny,Allow 
Allow from all 

I also have below a portion of my httpd.conf file.

<Directory "C:/Apache Group/Apache2/dede/public_html">

# Possible values for the Options directive are
"None", "All",
# or any combination of:
#   Indexes Includes FollowSymLinks
SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly*
--- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and
important.  Please see
# for more information.
    Options Indexes FollowSymLinks

# AllowOverride controls what directives may be placed
in .htaccess files.
# It can be "All", "None", or any combination of the
#   Options FileInfo AuthConfig Limit
    AllowOverride None

# Controls who can get stuff from this server.
    Order allow,deny
    Allow from all


I am not so good with Apache yet, so I need help in
understanding all this. 

The last part of my snippet controls who can get
stuff, should this be "ALLOW FROM ALL" or Deny from
all and if I deny from all, does that mean no one can
browse the site.

Secondly, where in my httpd.conf file do I include
those 3 items recommended? Or do I need not include

Thank you all in advance.


Do you Yahoo!? 
Dress up your holiday email, Hollywood style. Learn more.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message