httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject [users@httpd] mod_access problem
Date Fri, 21 Sep 2007 11:01:13 GMT

When I use the mod_access directives to limit access to certain files or
commands, they just seem to be ignored. For example, to disable
downloading of .htaccess and .htpasswd files I use the (almost) standard
rules of:

---  example ---
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
--- /example ---

As far as I know this should disallow anyone (including users logging in
through HTTP AUTH) to open the .ht* files. But if I try to download
them, they can be opened.
The same problem goes for any other access limiting based on IP.

---  server info (first part of mod_info) ---

                         Apache Server Information

   Server Settings, mod_dav_fs.c, mod_dav.c, mod_suexec.c,
          mod_python.c, mod_perl.c, mod_php5.c, mod_ssl.c, mod_info.c,
          mod_userdir.c, mod_status.c, mod_setenvif.c,
          mod_mime.c, mod_log_config.c, mod_include.c, mod_expires.c,
          mod_env.c, mod_dir.c, mod_cgi.c, mod_autoindex.c,
          mod_auth_dbm.c, mod_auth.c, mod_alias.c, mod_actions.c,
          mod_access.c, mod_so.c, http_core.c, prefork.c, core.c

   Server Version: Apache/2.0.53 (Linux/SUSE)
   Server Built: Aug 30 2006 13:14:23
   API Version: 20020903:9
--- /server info (first part of mod_info) ---

I'm running Suse 9.3 and don't want to change OS or upgrade to a newer
version (of the OS as well as Apache), so I hope someone can find a
solution without having to do this.

Thanks in advance,

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message