httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Bowen <rbo...@rcbowen.com>
Subject Re: [users@httpd] Revisited: 500 internal server error, new problem
Date Fri, 03 Sep 2010 20:11:01 GMT
If someone is telling you that "deny *everything*" is valid Apache  
httpd syntax, you can rest assured that they don't know what they're  
talking about, and you might want to find support elsewhere.

Additionally, <Directory> blocks are not permitted in .htaccess files.

I would strongly encourage you to point this "developer" here, as they  
might benefit from our help.

Meanwhile, I would encourage you to read these:

http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow



> Only problem is, the developer is now claiming that by taking that  
> one line out, that I may as well take the entire directive set that  
> they recommend out of my conf.d config file for this domain, because  
> that one line if removed, disables all the protections provided in  
> their new .htaccess files that came with Zen Cart.  Funny though, I  
> could not get his install scripts to run without all the rest of the  
> directives I left in.
>
> So anyway he claims that there is a way to configure my Apache 2.2.3  
> server which would make use of the deny *everything* line in my  
> conf.d file and provide full protection.  So I am now wondering what  
> I need to do to set the switch to enable Apache to use this line and  
> provide full protection.  Something in the main httpd.conf file?
>
> He claims that this is out of the scope of their support arena, the  
> server settings that utilize his above suggested (actually required  
> for install) directives.
>
> Thanks for any advice here.
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

--
Rich Bowen
rbowen@rcbowen.com




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message