AE wrote:
Greetings Jirka and others,
I need to better understand what security implications I may have created with
changes made to the httpd.conf file. I appear to have success with my Vhosted
Suse box! Can someone explain the changes I made to the Directory and Should
I use the .htaccess file instead (not that I know how)?
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
It seems the default httpd.conf setting is set to deny everyone access to all
files. I thought this was superseded by the permissions given later in the
section for Vhosts.
Regards,
Albert Engle
On Thursday 02 June 2005 23:56, Jirka Vejrazka wrote:
can anyone explain why both of my vhosted web sites display FORBBIDEN?
What's in your error log file(s) ?
This is starting to become a total deja vu....try the docs on
httpd.apache.org. There is a whole chapter on this in mod_auth
-Patrick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
