On August 23, 2012 12:18 , Konrad Neuwirth <konrad@xxxxxxxxxxxxxxxx> wrote:
It appears, to me, that the proxy directive takes precedence over the access restrictions placed into the directory, and I do not know how to reverse that ordering.
The appropriate snipped of our httpd configuration is:
<Directory [USER PATH]/redaxo/include>
Require all denied
</Directory>
<LocationMatch ^(.*\.php)$>
ProxyPass fcgi://127.0.0.2:9136/[USER PATH]
</LocationMatch>
No, <Location> and <LocationMatch> take precedence over <Directory>. See https://httpd.apache.org/docs/2.2/sections.html#mergin
One solution is to put the proxy configuration into the <Directory> section instead of the <LocationMatch> section. However, https://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass says "This directive is not supported in <Directory> or <Files> sections". So you may want to try using mod_rewrite's RewriteRule directive with the [P] flag: https://httpd.apache.org/docs/2.2/rewrite/flags.html#flag_p
A better solution, in my opinion, is to not use .htaccess files at all: they have performance, security, and management downsides. Put the access restrictions into the above <LocationMatch> block instead.
-- Mark Montague mark@xxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|