"Deny" directives silently ignored in config files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I have a server running Apache HTTPD 2.2.16, installed as Debian
package (Debian Squeeze).

Some time ago, "Deny from XXX" directives were correctly taken into
account, both in .htaccess files and in system-wide configuration files
(/etc/apache2/*). I noticed recently that it is no longer the case. I
suspect that this breakage occured when migrating the server from Debian
Lenny to Debian Squeeze, but I'm not sure.

According to "apachectl -t -D DUMP_PACKAGES", the module
authz_user_module is loaded (it says "(shared)").

I tried the following:

<Location /tmp/>
Order deny,allow
Deny from all
#RewriteEngine On
#RewriteRule . - [F]
</Location>

As it is, the location /tmp/ isn't denied. If I uncomment the Rewrite
rule, it is denied (hence, the config file is read, and the location is
properly specified).

This is a production server so I have limited testing possibilities. I
tried reproducing the problem on a test machine, with the same version
and a full copy of /etc/apache2/ (copied with "rsync -av", only modified
to replace the IP address and DNS name of the server), but the test
machine does not exhibit the problem. I did not copy the files in
DocumentRoot.

I saw nothing in the logs. access.log shows normal accesses (i.e. code
200), and error.log does not change while accessing the pages to be
denied. "apachectl graceful" does not display any warning.

Any idea on what's going on? Where to look for the error?

Thank you very much in advance,

-- 
Matthieu Moy
http://www-verimag.imag.fr/~moy/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux