On 09.08.2010 03:28, Leon Kolchinsky wrote:
On Thu, Aug 5, 2010 at 18:26, Rainer Jung<rainer.j...@kippdata.de> wrote:
On 05.08.2010 03:30, Leon Kolchinsky wrote:
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
Unrelated: Don't like the JkRequestFormat. Instead would use so called
"notes" to add the info directly to the access log.
Are you talking about "mod_log_config" (
http://tomcat.apache.org/connectors-doc/reference/apache.html)?
Yes, exactly. mod_jk sets so called notes, which you can add to your
standard AccessLog using them in a CustomLog format.
# Globally deny access to the WEB-INF directory
<LocationMatch '.*WEB-INF.*'>
AllowOverride None
deny from all
</LocationMatch>
Unrelated: The application directory usually should not be reachable at all
by Apache.
So, Is it safe to remove those<LocationMatch
'.*WEB-INF.*'>.....</LocationMatch> lines?
It depends :)
If Apache can't see those directories, then "yes". If you have them in
directories visble by Apache and allowed to be served, then "no" and
instead the question would be: why is Apache allowed to see (and serve)
them.
See and serve would mean: under htdocs or some other directory that is
not secured. Usually "Directory /" has "deny from all" (secured) so
Apache doesn't serve arbitrary content, and htdocs and some individually
configured dirs like for the manual and icons are "allow from all".
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
