On 25/11/2009 16:13, Jonathan Mast wrote:
Can someone please provide the magical httpd config-cantation that will
block httpd from accessing anything in WEB-INF directories?
I need something that will be apply globally and can't be overridden by
VirtualHost directives. I've dug around the httpd config documentation and
I'm just not understanding it, everything I've tried just hasn't worked.
thanks
httpd 2.2
Tomcat 6.0
At a guess, I'd say you've published, via HTTPD, the web application
directory.
This is one of the reasons we advise users not publish webapp
directories via HTTPD. Using a separate webapps and document root is
advisable.
E.g.
/path/to/site.com/httpdocs
/path/to/site.com/httpdocs/index.html
/path/to/site.com/httpdocs/images/
/path/to/site.com/httpdocs/scripts/
/path/to/site.com/webapps
/path/to/site.com/webapps/ROOT
/path/to/site.com/webapps/myapp
If this isn't the case, you'll have to supply information about your
mod_jk / mod_proxy config so we can see what you're doing.
p
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
