-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jonathan,
On 11/25/2009 11:13 AM, Jonathan Mast wrote:
> Can someone please provide the magical httpd config-cantation that will
> block httpd from accessing anything in WEB-INF directories?
Order deny,allow
Deny from all
> I need some
You're right I did misunderstand the Location directive. Its at the top of
the config file now, working fine :)
On Wed, Nov 25, 2009 at 1:31 PM, André Warnier wrote:
> Jonathan Mast wrote:
>
>> My understanding of Location directives is that cannot be used with regex
>> and if not then thats no
Jonathan Mast wrote:
My understanding of Location directives is that cannot be used with regex
and if not then thats not what I'm looking for.
Then your understanding of Location directives is wrong.
Why don't you look up the original article ?
http://httpd.apache.org/docs/2.2/mod/core.html#loc
> ... but we're really just guessing what config is already in place - maybe
>> the mod_jk / mod_proxy config could be adjusted instead.
>>
>> Correcting a poor/broken config is a much better solution than attempting,
>> blindly, to stick bandages on an unknown s
ages on an unknown setup.
p
-Original Message-
From: Jonathan Mast [mailto:jhmast.develo...@gmail.com]
Sent: Wednesday, November 25, 2009 6:40 PM
To: Tomcat Users List; p...@pidster.com
Subject: Re: Preventing httpd from accessing WEB-INF contents
yes I am keeping the all the web-ap
Preventing httpd from accessing WEB-INF contents
yes I am keeping the all the web-app stuff in place. I don't have the
time
to re-architect my entire system to your suggested format.
I really need to just prevent httpd from accessing anything with
"WEB-INF"
in the url.
On Wed,
My understanding of Location directives is that cannot be used with regex
and if not then thats not what I'm looking for.
I have multiple contexts underneath multiple (virtual) hosts. I need a
VirtualHost level directive that will block any attempts to access
*/WEB-INF/* on that host.
Adding a n
l.com]
Sent: Wednesday, November 25, 2009 6:40 PM
To: Tomcat Users List; p...@pidster.com
Subject: Re: Preventing httpd from accessing WEB-INF contents
yes I am keeping the all the web-app stuff in place. I don't have the time
to re-architect my entire system to your suggested format.
I real
Am Wed, 25 Nov 2009 11:13:19 -0500
schrieb Jonathan Mast :
> I need something that will be apply globally and can't be overridden
> by VirtualHost directives.
Why don't you use a standard like Location/Order/Deny/Allow in the
vhosts config to deny access to WEB-INF, etc.?
Individual config-fil
yes I am keeping the all the web-app stuff in place. I don't have the time
to re-architect my entire system to your suggested format.
I really need to just prevent httpd from accessing anything with "WEB-INF"
in the url.
On Wed, Nov 25, 2009 at 11:21 AM, Pid wrote:
> On 25/11/2009 16:13, Jonat
On 25/11/2009 16:13, Jonathan Mast wrote:
Can someone please provide the magical httpd config-cantation that will
block httpd from accessing anything in WEB-INF directories?
I need something that will be apply globally and can't be overridden by
VirtualHost directives. I've dug around the httpd
Can someone please provide the magical httpd config-cantation that will
block httpd from accessing anything in WEB-INF directories?
I need something that will be apply globally and can't be overridden by
VirtualHost directives. I've dug around the httpd config documentation and
I'm just not under
12 matches
Mail list logo
