Dear group,
I finally started to migrate an Apache 2.2 config to 2.4. I've read the
migration document at
https://httpd.apache.org/docs/trunk/upgrading.html#run-time but I have a
hard time understanding the new access control model.
My config is mainly VirtualHost sections, in some of them I do have
Directory or Location directives, but others are pretty basic, for
example this one:
--
<VirtualHost *:80>
DocumentRoot "/webspace/example.org/blog"
ServerName blog.example.org
CustomLog /var/log/httpd/example-access.log combined
ErrorLog /var/log/httpd/example-error.log
</VirtualHost>
--
This used to work fine in 2.2 that way but in 2.4 I get an access denied
by default.
In my httpd.conf shipped by FreeBSD I see:
--
#
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
Require all denied
</Directory>
--
So my interpretation is that I have to explicitly allow access to any
other directory, even those in VirtualHost sections.
If I add
--
<Directory "/">
Require all granted
</Directory>
--
This seems to work.
So I wonder what best practices is, should I add this to each
VirtualHost so the permission is explicitly set or would I change the
default access that currently denies it?
Or am I completely on the wrong track? I've tried to google a bit on the
topic but I could not find clear recommendations on how to handle it
with VirtualHost.
Any hints are welcome
Thanks
Adrian
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|