httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "congo thomas" <apa...@thva.dk>
Subject Re: [users@httpd] AllowOverride
Date Thu, 19 Jan 2012 20:19:33 GMT
Hello world,

am i the only one with this trouble?

br
congo thomas

On Tue, January 17, 2012 13:52, congo thomas wrote:
> I am having the <Directory /> set to None for allowoverride.
> My problem persists in having this set:
>
> <VirtualHost *:80>
> ...
> <Directory /var/www/website/>
> AllowOverride FileInfo
> </Directory
> ...
> </VirtualHost>
>
> - following restart apache, and then (executed as website-user in this
> case):
> $ touch /var/www/website/.htaccess
> $ chmod 644 /var/www/website/.htaccess
> $ cat "<IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteBase /
> RewriteRule ^index\.php$ - [L]
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteRule . /index.php [L]
> </IfModule>" > /var/www/website/.htaccess
>
>
> For instance this should work:
> http://website/hello-world/ - however, that gives my 404, hence the
> htaccess file is not respected.
> So when I go to <Directory /> and adjust setting for AllowOverride to
> FileInfo instead of None, then http://website/hello-world/ works fine and
> returns 200.
> In other cases its basic auth using htpasswd file that is not respected
> due to this global option being set to None. Is there another flag that i
> should raise, to allow overriding globals, inside a vhost container?
>
>
> Thomas
>
>
>
> On Tue, January 17, 2012 00:58, Igor Cicimov wrote:
>> This should absolutely work. From the documentation:
>>
>> For security and performance reasons, do not set AllowOverride to
>> anything
>> other than None in your <Directory /> block. Instead, find (or create)
>> the
>> <Directory> block that refers to the directory where you're actually
>> planning to place a .htaccess file.
>>
>> What is exactly not working and how are you testing?
>>
>> On Tue, Jan 17, 2012 at 9:42 AM, congo thomas <apache@thva.dk> wrote:
>>
>>> Hello world,
>>>
>>> I am being bullied by the security considerations of a standard apache
>>> installation on centos-5.6 and rhel-6 aswell - these apache are recent
>>> flavors from the respective repos of these platforms.
>>>
>>> The problem is this snippet from httpd.conf
>>> ##
>>> <Directory />
>>>  Options FollowSymLinks
>>>  AllowOverride None
>>> </Directory>
>>> ##
>>>  are causing any htaccessfile not to be respected, then one might
>>> think,
>>> i
>>> will adjust that in my vhost for this particular directory where i have
>>> a
>>> .htaccess file. However that just will not work, nor with AllowOverride
>>> FileInfo or AllowOverride All, like so:
>>> <Directory /var/www/website/>
>>>  AllowOverride FileInfo
>>> </Directory>
>>>
>>> So i thought to put it inside httpd.conf with the exact catalogue name
>>> that is used in the vhostsfile - not event that allows respecting of
>>> the
>>> presence of .htaccess file in the catalogue.
>>>
>>> The goal is to disallow the reading of htaccessfiles (AllowOverride
>>> None)
>>> in all directories served, besides the one at /var/www/website, its
>>> okay
>>> if they are not read from /var/www/websites/congo/.
>>> Not that i have a few vhost containers, so the generic solution would
>>> be
>>> appreciated to implement.
>>>
>>> Ive spend hours locating the problem, and hours trying various
>>> combinations and browsing suggestions through - no solution yet...
>>>
>>>
>>>
>>> br
>>> congo
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message