[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Apache <Files>...</Files> problem
In normal use yes.
But I set up the directories to disallow access from
localhost and 10.0.0.3 , my laptop on LAN, to test whether
the files were still accessible, even though the server
config should have denied access - for testing purposes.
I then tested for allowing access from localhost, but not
from 10.0.0.3. This worked as expected too.
I think I have isolated the problem as this:
# THIS IS CAUSING THE PROBLEM WITH <Files>...</Files>
# remove the CONNECT bug #
# <Limit CONNECT>
# Order deny,allow
# Deny from all
When I un-comment the above, the error appears. If I
comment out the above, the error goes away.
If anyone else on the list is using this patch, maybe they
need to check out their configuration too.
This has been bugging me for ages.
It's nice to be able to configure apache directories now,
and know what behaviour to expect.
Many thanks to Joe Knall for all his suggestions, and help
by sending me a copy of his httpd.conf file in the early
If anyone else wants a copy of my cut-down httpd.conf file,
then I will be pleased to email it to you off-list. It's
based on Joe's version, but obviously tailored for my
Happy new year to everyone.
On Mon, 2 Jan 2006, Luis Guilherme wrote:
> To: suse@xxxxxxxxxxxx
> From: Luis Guilherme <luis.guilherme@xxxxxxx>
> Subject: Re: [suse-security] Apache <Files>...</Files> problem
> Hi, i think you are denying the access to php files, you should replace
> the second Deny All with Allow all, you want to allow .PHP from client
> connections, right?
> suse@xxxxxxxxxxxx wrote:
> > Well - it works!
> > Thanks very much for all your help Joe.
> > I still don't yet know what the problem was though.
> > I need to fine-tune my config.
> > As I add more to my working httpd.conf file, hopefully I will find
> > out what was causing the original problem.
> > When I discover the error, I will post it on the mailing list.
> > Thanks again
> > Keith
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here