Re: [suse-security] Apache <Files>...</Files> problem

[suse@xxxxxxxxxxxx]

Hi Joe.

I have downloaded the latest version of apache 2.0.55.

Used their httpd-std.conf as base point to work with.

Went through that file, and added my own config Include 
files in the appropriate places. Still have the problem.

Do you have any links to a minimal httpd.conf that I can 
start again with please?

Keith

 

On Sun, 1 Jan 2006, Joe Knall wrote:

> To: suse-security@xxxxxxxx
> From: Joe Knall <joe.knall@xxxxxxx>
> Subject: Re: [suse-security] Apache <Files>...</Files> problem
> 
> 
> This should hide the directory apache-test/ in the directory listing of 
> computing/, deny access to computing/apache-test/ for anyone and 
> additionally somewhat superfluous deny access for anyone to *.php files 
> within computing/apache-test/
> That's also exactly what happens on my server with that config.
> 
> That's really astonishing, this should not work with that config and 
> also doesn't on my server.
> 
> I assume most probably you have an additional directive somewhere that 
> interferes with the above one or you might have mixed up different 
> config files, startup scripts, posted a cutout of the wrong file or 
> so... Otherwise this could be a serious bug.
> First you should check this with a new, very minimalistic httpd.conf 
> that you expand step by step with single directives of the current conf 
> up to the point where this strange behaviour appears.
> Hope this helps a bit,
> Joe 

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here