httpd-wiki-changes mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpd Wiki] Update of "DebianDeb0rkification" by jmcg
Date Fri, 10 Jul 2009 11:01:26 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The following page has been changed by jmcg:
http://wiki.apache.org/httpd/DebianDeb0rkification

------------------------------------------------------------------------------
  
  We defused the danger of ambiguity, by changing and moving the ''NameVirtualHost *:80''
directive above the ''Include'' line for the virtual hosts, thus enabling new administrators
to simply copy, paste, and edit this file.
  
+ === mods-enabled ===
+ ''a2enmod'' and ''a2dismod'' can be used to link configuration sinplets from ''mods-available''
to ''mods-enabled'' which then get's included into ''apache2.conf''. This is supposed to ease
administration. 
+ Yet special caution has to be taken with certain modules when enabled in Debian. An wiki
page has already been devoted to [http://wiki.apache.org/httpd/DebianPHP PHP].
+ 
+ Another module worth mentioning is ''mod_proxy''. It's default configuration is that of
a Reverse-Proxy, and this is emphasized in Debian's default config:
+ {{{
+ <IfModule mod_proxy.c>
+         #turning ProxyRequests on and allowing proxying from all may allow
+         #spammers to use your proxy to send email.
+ 
+         ProxyRequests Off
+ 
+         <Proxy *>
+                 AddDefaultCharset off
+                 Order deny,allow
+                 Deny from all
+                 #Allow from .example.com
+         </Proxy>
+ 
+         # Enable/disable the handling of HTTP/1.1 "Via:" headers.
+         # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
+         # Set to one of: Off | On | Full | Block
+ 
+         ProxyVia On
+ </IfModule>
+ }}}
+ Now the problem here is the directive {{{Deny from all}}}, which effectively denies access
to the proxy, leading to {{{403 Errors}}} ClientDeniedByServerConfiguration errors in the
ErrorLog.
+ 

Mime
View raw message