> Why .htaccess? Security tip #1 should be 'disable .htaccess'. Performance > tip #1 too.
I'm not running a vhost clients can control. I'm running a vhost for production sites my dev team manages, and I don't always want my dev team restarting Apache to make changes. Also, .htaccess is in version control (along with all other important app and config files). Aside from the chance your users will modify .htaccess, why would you disallow .htaccess? I assume disallowing overrides allows you to set permissions and behavior in stone. But, it sure makes for a nice tool to handle redirect changes, new file type restrictions, etc. -- Jason N --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
