httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "D'Arcy J.M. Cain" <da...@Vex.Net>
Subject Re: [users@httpd] Can't restrict file access
Date Fri, 04 Apr 2014 14:09:48 GMT
On Fri, 4 Apr 2014 08:44:02 -0400
Eric Covener <covener@gmail.com> wrote:
> Maybe you have a <Location> covering the same space with other access
> control? If you overlap directory/files with location, bad things
> happen.

Someone pointed out that the config directives changed in 2.4.  This is
what I have now.

<Files ~ "^\.ht">
    Require all denied
    Satisfy All
</Files>

This works.  I suppose a Location directive would override this but I
don't have one that relaxes this restriction.

I tried the same for my .svn directories but that doesn't work.
Obviously "Files" works on files and not directories.  So I tried the
following.

<Directory ~ "^\.svn">
    Require all denied
</Directory>

This doesn't work.  I believe that this is because I have other
Directory directives that override it.  Would the above work if changed
Directory to a Location directive?  My impression from reading the docs
is that Location is always rooted to the top level.  Will it DTRT if I
leave off the leading slash?

-- 
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:darcy@Vex.Net
VoIP: sip:darcy@Vex.Net

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message