Jump to content
Froxlor Forum
  • 0

Missing directives in Apache domain configuration


Warlock

Question

Hi,

 

I have disabled the access to the entire file system except the directories that are explicitely allowed later:

<Directory />
       AllowOverride All
       Order Deny,Allow
       Deny from all
</Directory>

 

In a typical vhost configuration file with PHP enabled, I get the following part (note the "order allow,deny" and "allow from all"):

<Directory "/var/www/webs/demo/domain1/">
   AddHandler fcgid-script .php .php3 .php4 .php5
   FCGIWrapper /var/www/fcgi/demo/...
   Options +ExecCGI
   Order allow,deny
   allow from all
 </Directory>

 

The problem is now that the directive <directory> including the "Order allow,deny" and "allow from all" is missing if I have a vhost where PHP is disabled.

Is this a bug?

Link to post
Share on other sites

3 answers to this question

Recommended Posts

Hi,

 

You could put such a permissions - block inside the main apache-config for /var/www/, as this is the default on most distributions.

 

Best regards,

Florian

 

Where do you mean exactly with "main apache-config"? The configuration files of apache outside froxlor in /etc/apache2 (I'm running Debian Lenny)?

I know that, one can even use regular expressions in the directive.

 

But the actual reason why I have created this topic is the following question: Why is the directive with "order allow,deny" only present when PHP is enabled? This should be also the case without PHP.

This questions is of particular importance because the "order deny,allow" which disables the access to the entire file system at first will be the default for releases after lenny.

 

Original Debian Lenny configuration file snippet:

# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages. It will be made the default for the release after lenny.
#
<Directory />
       AllowOverride All
       Order Deny,Allow
       Deny from all
</Directory>

 

Cheers,

Warlock

Link to post
Share on other sites

The problem is now that the directive <directory> including the "Order allow,deny" and "allow from all" is missing if I have a vhost where PHP is disabled.

Is this a bug?

 

Well, we never expected that anyone would configure his server like this, but in this case, yes, it looks like a bug, so we have to add an "Allo from all" even if php is disabled as far as i can see

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...