Dear group, I finally started to migrate an Apache 2.2 config to 2.4. I've read the migration document at https://httpd.apache.org/docs/trunk/upgrading.html#run-time but I have a hard time understanding the new access control model. My config is mainly VirtualHost sections, in some of them I do have Directory or Location directives, but others are pretty basic, for example this one: -- <VirtualHost *:80> DocumentRoot "/webspace/example.org/blog" ServerName blog.example.org CustomLog /var/log/httpd/example-access.log combined ErrorLog /var/log/httpd/example-error.log </VirtualHost> -- This used to work fine in 2.2 that way but in 2.4 I get an access denied by default. In my httpd.conf shipped by FreeBSD I see: -- # # Deny access to the entirety of your server's filesystem. You must # explicitly permit access to web content directories in other # <Directory> blocks below. # <Directory /> AllowOverride none Require all denied </Directory> -- So my interpretation is that I have to explicitly allow access to any other directory, even those in VirtualHost sections. If I add -- <Directory "/"> Require all granted </Directory> -- This seems to work. So I wonder what best practices is, should I add this to each VirtualHost so the permission is explicitly set or would I change the default access that currently denies it? Or am I completely on the wrong track? I've tried to google a bit on the topic but I could not find clear recommendations on how to handle it with VirtualHost. Any hints are welcome Thanks Adrian --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx