LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Help me understand Apache access controls (https://www.linuxquestions.org/questions/linux-newbie-8/help-me-understand-apache-access-controls-4175466840/)

chicken76 06-21-2013 02:41 AM
Help me understand Apache access controls
 
I have the following section in my Slackware 14's default Apache configuration:
Code:
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
    AllowOverride none
    Require all denied
</Directory>
I thought that specifically allowing access in each <Virtualhost *:80> directive (through a <Directory /path> directive) would override that general block, but it doesn't. I can't access any site unless I comment that section out, or I replace it with:
Code:
<Directory />
    AllowOverride all
    Order Deny,Allow
    Allow from all
</Directory>
So what's going on here?
I do like the idea of blocking everything by default and only allowing access to specific folders, but how do I implement it?
With that first section commented out, everything works, but I'm also open to all sort of exploits, right?

vishesh 06-21-2013 04:53 AM
AllowOverride directive allow overriding through .htaccess file inside directory. Why you create directory section for directories which need to be allowed

<directory path_of_directory>
Order Deny,Allow
Allow from all
</directory>

OR

<directory path_of_directory>
Require all granted
</directory>

Thanks


All times are GMT -5. The time now is 12:09 PM.