httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] using mod_rewrite to get around unknown directive in .htaccess
Date Wed, 01 Feb 2006 00:46:33 GMT
On 1/31/06, Jason Keltz <jas@cs.yorku.ca> wrote:
> On Tue, 31 Jan 2006, Joshua Slive wrote:

> > Use httpd.conf to turn off .htacess processing (AllowOverride) in the
> > relevant directory inside the <VirtualHost> section for the non-ssl
> > host.
>
> Hi Joshua,
>
> Unfortunately, this won't do it since multiple users can use the
> directives on the https server in any directory.  Is there no
> "IgnoreErrors" directive in .htaccess?  What I really don't get is that if
> I redefine the error message in the top-level .htaccess, that does indeed
> get read which shows that the server reads the top-level .htaccess before
> reading the bottom-level one.  How come an Error code web page
> redefinition works, but a  mod_rewrite rule does not..

It does work.  It is just that apache must ALSO read the .htaccess
file in the subdirectory, since it may have additional RewriteRules
(or other directives) that will change the parent directory
configuration.  And simply ignoring config-file syntax errors would be
a security problem.  You could, of course, simply create a stub module
that impliments the directive as a no-op.  That would be relatively
easy.

You haven't fully specified your problem, so it is difficult to
suggest solutions.  The obvious one is to use
AccessFileName .htaccess-secure .htaccess
on the ssl site.  Then if anyone is using directives that work only on
the ssl server, tell them to rename their .htaccess to
.htaccess-secure.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message