Help me understand Apache access controls
I have the following section in my Slackware 14's default Apache configuration:
Code:
# Deny access to the entirety of your server's filesystem. You must Code:
<Directory /> I do like the idea of blocking everything by default and only allowing access to specific folders, but how do I implement it? With that first section commented out, everything works, but I'm also open to all sort of exploits, right? |
AllowOverride directive allow overriding through .htaccess file inside directory. Why you create directory section for directories which need to be allowed
<directory path_of_directory> Order Deny,Allow Allow from all </directory> OR <directory path_of_directory> Require all granted </directory> Thanks |
All times are GMT -5. The time now is 12:09 PM. |