|
Hi all,
is the intended behaviour of ProxyPass(Match)-Directives to ignore .htaccess files? And is there any way to change this? Version used: Apache httpd 2.4.9 Operating System: SUSE Linux Enterprise Server 11.3 (x86_64) Context: PHP is enabled via mod_proxy(_fcgi), but using this configuration- snippet in vhost-context <LocationMatch .*\.php$ > ProxyPass unix:/var/run/php-fpm.sock|fcgi://localhost/ </LocationMatch> with the following .htaccess-Directive in the DocumentRoot Require all denied results in the following situation: Access to php-files isn't denied - they are served - but non-PHP-ressources like css- or js-files aren't served ( => strange output). Same Problem when proxying is realized via ip-adress or rewrites: RewriteRule (.*\.php)$ fcgi://localhost:9000/$1 [P] Please Note: I know I can configure stuff like access control in <Location(Match)>-context in the server configuration. And I know .htaccess files have "performance, security, and management downsides" (cit. Mark Montague). The problem: Non-privileged users (~1200) who are only allowed to modify their .htaccess-files for rewrites or access controls. Even if they had access to their vhost context the migration effort grows exponentially since htaccess-files are status quo... Thanks in advance for your effort. Kind regards, Tobias Adolph |
|