httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brandon Phelps <bphe...@gls.com>
Subject Re: [users@httpd] Quick Allow/Deny Question
Date Fri, 30 Sep 2011 13:14:00 GMT
I guess I am just a little confused as to why there is a <Directory /> at all?  If my
DocumentRoot is set to /var/www then wouldn't that prevent anyone from accessing anything
above /var/www in the directory structure anyway, thus making the <Directory /> kind
of pointless?

On 09/29/2011 06:44 PM, Igor Cicimov wrote:
> Your root directory / should always be Deny from all. Then you allow access to other
directories per need.
>
> On Sep 30, 2011 7:25 AM, "Brandon Phelps" <bphelps@gls.com <mailto:bphelps@gls.com>>
wrote:
>  > Hello all,
>  >
>  > I am a bit confused regarding the difference between:
>  >
>  > <Directory />
>  > Options FollowSymLinks
>  > AllowOverride None
>  > </Directory>
>  >
>  > and:
>  >
>  > <Directory /var/www/>
>  > Options Indexes FollowSymLinks MultiViews
>  > AllowOverride None
>  > Order allow,deny
>  > allow from all
>  > </Directory>
>  >
>  > I am trying to lock down the server to only allow connections from my local subnet,
so should I place these Order/Allow/Deny statements in the / directory block, or the /var/www?
>  >
>  > Thanks!
>  >
>  > ---------------------------------------------------------------------
>  > The official User-To-User support forum of the Apache HTTP Server Project.
>  > See <URL:http://httpd.apache.org/userslist.html> for more info.
>  > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org <mailto:users-unsubscribe@httpd.apache.org>
>  > " from the digest: users-digest-unsubscribe@httpd.apache.org <mailto:users-digest-unsubscribe@httpd.apache.org>
>  > For additional commands, e-mail: users-help@httpd.apache.org <mailto:users-help@httpd.apache.org>
>  >

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message