LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Apache Security
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-03-2008, 03:04 PM   #1
stu_mueller
Member
 
Registered: Aug 2006
Location: England
Distribution: Slackware, Zenwalk
Posts: 114

Rep: Reputation: 15
Apache Security

I have just installed apache and in my http.conf file I have enable the http-vhost.conf

I have then added a virtual host with a documentroot of /media/usb/site

when I go to this site I get permission denied.

After playing about with the http.conf file i discover two lines:
Order deny,allow
Deny from all

I changed these to be:
Order allow,deny
Allow from all

and my site started working.

I changed them back to the original and added them into my <virualhost> tag in http-vhosts.conf but after trying to restart httpd it told me those values can't go there, where should I put them, or should I just change the Order and Allow in the default http.conf file

Stuart
 
Old 06-05-2008, 12:11 AM   #2
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Ubuntu 12.04, Antix19.3
Posts: 3,794

Rep: Reputation: 282Reputation: 282Reputation: 282
Code:
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80

# catch-all
<VirtualHost *:80>
    ServerAdmin a@b.c
    DocumentRoot /srv/httpd/htdocs
    ServerName btd-techweb02
</VirtualHost>

# site 1
<VirtualHost *:80>
    ServerAdmin a@b.c
    DocumentRoot /home/wim/www/site1/web
    ServerName site1.btd-techweb02
    ErrorLog /var/log/httpd/error_log
    CustomLog /var/log/httpd/access_log common

#WimS
# this is required to prevent message 403 "Forbidden"
    <Directory "/home/wim/www/site1/web">
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

# site2
<VirtualHost *:80>
    ServerAdmin a@b.c
    DocumentRoot /home/wim/www/site2/web
    ServerName site2.btd-techweb02
    ErrorLog /var/log/httpd/error_log
    CustomLog /var/log/httpd/access_log common

#WimS
# this is required to prevent message 403 "Forbidden"
    <Directory "/home/wim/www/site2/web">
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
This is how they are in my httpd-vhosts.conf. The documentation in my httpd.conf states that 'we start with a very restrictive setting'. I think that it's always good to start conservative and open up according to your needs.

PS Taken from a standard Slackware 12 install
 
Old 06-05-2008, 04:06 AM   #3
stu_mueller
Member
 
Registered: Aug 2006
Location: England
Distribution: Slackware, Zenwalk
Posts: 114

Original Poster
Rep: Reputation: 15
thanks that worked fine.

I agree though it is always best to start restrictive and allow. rather than the other way around
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache security help sridhar11 Linux - Software 2 03-06-2007 10:05 AM
Apache security ohade Mandriva 1 01-21-2006 05:24 PM
Apache security oldator1940 Linux - Security 5 10-20-2005 09:28 PM
apache security tyler0123 Linux - Security 7 03-26-2005 02:04 PM
apache security depaul Linux - Security 5 12-10-2003 12:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:37 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration