Hi, I have a server running Apache HTTPD 2.2.16, installed as Debian package (Debian Squeeze). Some time ago, "Deny from XXX" directives were correctly taken into account, both in .htaccess files and in system-wide configuration files (/etc/apache2/*). I noticed recently that it is no longer the case. I suspect that this breakage occured when migrating the server from Debian Lenny to Debian Squeeze, but I'm not sure. According to "apachectl -t -D DUMP_PACKAGES", the module authz_user_module is loaded (it says "(shared)"). I tried the following: <Location /tmp/> Order deny,allow Deny from all #RewriteEngine On #RewriteRule . - [F] </Location> As it is, the location /tmp/ isn't denied. If I uncomment the Rewrite rule, it is denied (hence, the config file is read, and the location is properly specified). This is a production server so I have limited testing possibilities. I tried reproducing the problem on a test machine, with the same version and a full copy of /etc/apache2/ (copied with "rsync -av", only modified to replace the IP address and DNS name of the server), but the test machine does not exhibit the problem. I did not copy the files in DocumentRoot. I saw nothing in the logs. access.log shows normal accesses (i.e. code 200), and error.log does not change while accessing the pages to be denied. "apachectl graceful" does not display any warning. Any idea on what's going on? Where to look for the error? Thank you very much in advance, -- Matthieu Moy http://www-verimag.imag.fr/~moy/ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|