httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From htt...@karsites.net
Subject Re: [users@httpd] Filename Access
Date Fri, 30 Dec 2005 13:38:59 GMT

Well Sean - I have commented out the php directives.

*.html files are still accessible as well.

I have put t1.html , t2.htm , and t3.php into the same 
directory. These files are still accessible, and output 
three lines of text.

Here is my complete websites.conf file, that gets included 
into httpd.conf. I'm wondering if it is being included in 
the wrong place in httpd.conf, and causing conflicts with 
how Directry Files and Location sections are parsed.

Does anyone have a link to a minimal httpd.conf file I can 
make a fresh start with. ie what is the very bare minimal 
configuration directives I can get away with for a complete 
httpd.conf file, without SSL or virtual hosts, which I can 
add later?


# default access on root filesystem - www.karsites.net

<Directory />
  DirectoryIndex karsites.hml
  Options None
  AllowOverride None
  Order Deny,Allow
  Deny from all
#  php_admin_value open_basedir '/srv/www/htdocs/:/tmp/'
#  php_admin_flag display_errors OFF
</Directory>

#--------------------------------------------------------------------------

# remove the CONNECT bug # http://bugs.php.net/bug.php?id=19113

<Location />
  <Limit CONNECT>
  Order deny,allow
  Deny from all
  </Limit>
</Location>

#--------------------------------------------------------------------------

# default restrictions on rest of server docs filesystem

<Directory /srv/www/htdocs/KAR/*/>
  # AuthUserFile  /etc/httpd/passwd
  # AuthGroupFile /etc/httpd/group
  Options None
  AllowOverride None
  Order Deny,Allow
  Deny from all
</Directory>

#--------------------------------------------------------------------------

# only localhost can access documentation tree here
 
<Directory /srv/www/htdocs/manual>
  Order deny,allow
  Deny from all
  Allow from localhost
</Directory>

#--------------------------------------------------------------------------

# only localhost and 10.0.0.3 can access development tree 
 
<Directory /srv/www/htdocs/KAR/websites/develop>
  Options None
  Options Indexes
  Order deny,allow
  Deny from all
  Allow from localhost
  Allow from 10.0.0.3
#  php_admin_flag display_errors ON
</Directory>

#--------------------------------------------------------------------------

# only localhost can access intermediate tree

<Directory /srv/www/htdocs/KAR/websites/intermediate>
  Options None
  Options Indexes
  Order deny,allow
  Deny from all
  Allow from localhost
#  php_admin_flag display_errors ON
 </Directory>

#==========================================================================
#         START OF PUBLIC WEBSITE DIRECTORIES & ACCESS PERMISSIONS
#==========================================================================

#--------------------------------------------------------------------------
#    MUXREG WEBSITE ACCESS
#--------------------------------------------------------------------------

# anyone including localhost can access live websites

<Directory /srv/www/htdocs/KAR/websites/live/muxreg/anyuser>
  Options None
  Order deny,allow
  Allow from all
#  php_admin_flag display_errors OFF
</Directory>

#--------------------------------------------------------------------------

# DBA ADMIN PAGES
# only localhost can access the admin pages of this site

<Directory /srv/www/htdocs/KAR/websites/live/muxreg/admin>
  Options None
  Order deny,allow
  Deny from all
  Allow from localhost
#  php_admin_flag display_errors OFF
 </Directory>

#--------------------------------------------------------------------------
#
# SITE DOWN PAGE
# uncomment this section to make muxreg website UNAVAILABLE online
# anyone including localhost can access live websites
#
# <Directory "/srv/www/htdocs/KAR/websites/live/muxreg/sitedown/">
#     Options None
#     Order deny,allow
#     Allow from all
#
#     php_admin_flag display_errors OFF
# </Directory>
#
#--------------------------------------------------------------------------

# anyone can access this public directory tree with dir listings
 
<Directory /srv/www/htdocs/KAR/websites/pub>
  Options None
  Options Indexes
  Order deny,allow
  Allow from all
</Directory>

#--------------------------------------------------------------------------

# access for localhost and 10.0.0.3 only with directory listings
 
<Directory /srv/www/htdocs/KAR/websites/test>
  Options None
  Options Indexes
  Order deny,allow
  Deny from All
  Allow from localhost
  Allow from 10.0.0.3
</Directory>


<Directory /srv/www/htdocs/KAR/websites/test/PHP>
  Options None
  Order deny,allow
  Deny from all
  <Files *.php>
    Order deny,allow
    Deny from all
  </Files>
</Directory>


<Directory /srv/www/htdocs/KAR/websites/pub/computing/apache-test>
  Options None
  Order deny,allow
  Deny from all
  <Files *.html>
    Order deny,allow
    Deny from all
  </Files>
</Directory>


#==========================================================================
#              END OF WEBSITE DIRECTORIES & ACCESS PERMISSIONS
#==========================================================================

# end of websites.conf



On Fri, 30 Dec 2005, Sean Davis wrote:

> To: users@httpd.apache.org
> From: Sean Davis <sdavis2@mail.nih.gov>
> Subject: Re: [users@httpd] Filename Access
> 
> Just a suggestion, but if you take out the .php directives 
> (that allow php script execution) do you get the correct 
> behavior?  Alternatively, if you put a .html file in your 
> test directory, can you still access it?
> 
> Sean

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message