httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "congo thomas" <apa...@thva.dk>
Subject Re: [users@httpd] AllowOverride
Date Tue, 17 Jan 2012 12:52:36 GMT
I am having the <Directory /> set to None for allowoverride.
My problem persists in having this set:

<VirtualHost *:80>
...
<Directory /var/www/website/>
AllowOverride FileInfo
</Directory
...
</VirtualHost>

- following restart apache, and then (executed as website-user in this case):
$ touch /var/www/website/.htaccess
$ chmod 644 /var/www/website/.htaccess
$ cat "<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>" > /var/www/website/.htaccess


For instance this should work:
http://website/hello-world/ - however, that gives my 404, hence the
htaccess file is not respected.
So when I go to <Directory /> and adjust setting for AllowOverride to
FileInfo instead of None, then http://website/hello-world/ works fine and
returns 200.
In other cases its basic auth using htpasswd file that is not respected
due to this global option being set to None. Is there another flag that i
should raise, to allow overriding globals, inside a vhost container?


Thomas



On Tue, January 17, 2012 00:58, Igor Cicimov wrote:
> This should absolutely work. From the documentation:
>
> For security and performance reasons, do not set AllowOverride to anything
> other than None in your <Directory /> block. Instead, find (or create) the
> <Directory> block that refers to the directory where you're actually
> planning to place a .htaccess file.
>
> What is exactly not working and how are you testing?
>
> On Tue, Jan 17, 2012 at 9:42 AM, congo thomas <apache@thva.dk> wrote:
>
>> Hello world,
>>
>> I am being bullied by the security considerations of a standard apache
>> installation on centos-5.6 and rhel-6 aswell - these apache are recent
>> flavors from the respective repos of these platforms.
>>
>> The problem is this snippet from httpd.conf
>> ##
>> <Directory />
>>  Options FollowSymLinks
>>  AllowOverride None
>> </Directory>
>> ##
>>  are causing any htaccessfile not to be respected, then one might think,
>> i
>> will adjust that in my vhost for this particular directory where i have
>> a
>> .htaccess file. However that just will not work, nor with AllowOverride
>> FileInfo or AllowOverride All, like so:
>> <Directory /var/www/website/>
>>  AllowOverride FileInfo
>> </Directory>
>>
>> So i thought to put it inside httpd.conf with the exact catalogue name
>> that is used in the vhostsfile - not event that allows respecting of the
>> presence of .htaccess file in the catalogue.
>>
>> The goal is to disallow the reading of htaccessfiles (AllowOverride
>> None)
>> in all directories served, besides the one at /var/www/website, its okay
>> if they are not read from /var/www/websites/congo/.
>> Not that i have a few vhost containers, so the generic solution would be
>> appreciated to implement.
>>
>> Ive spend hours locating the problem, and hours trying various
>> combinations and browsing suggestions through - no solution yet...
>>
>>
>>
>> br
>> congo
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message