httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "congo thomas" <apa...@thva.dk>
Subject [users@httpd] AllowOverride
Date Mon, 16 Jan 2012 22:42:55 GMT
Hello world,

I am being bullied by the security considerations of a standard apache
installation on centos-5.6 and rhel-6 aswell - these apache are recent
flavors from the respective repos of these platforms.

The problem is this snippet from httpd.conf
##
<Directory />
 Options FollowSymLinks
 AllowOverride None
</Directory>
##
 are causing any htaccessfile not to be respected, then one might think, i
will adjust that in my vhost for this particular directory where i have a
.htaccess file. However that just will not work, nor with AllowOverride
FileInfo or AllowOverride All, like so:
<Directory /var/www/website/>
 AllowOverride FileInfo
</Directory>

So i thought to put it inside httpd.conf with the exact catalogue name
that is used in the vhostsfile - not event that allows respecting of the
presence of .htaccess file in the catalogue.

The goal is to disallow the reading of htaccessfiles (AllowOverride None)
in all directories served, besides the one at /var/www/website, its okay
if they are not read from /var/www/websites/congo/.
Not that i have a few vhost containers, so the generic solution would be
appreciated to implement.

Ive spend hours locating the problem, and hours trying various
combinations and browsing suggestions through - no solution yet...



br
congo


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message