Re: Access control, VirtualHost & Apache 2.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06 Jan 2020, at 11:21, Adrian Gschwend <ml-ktk@xxxxxxxxxxx> wrote:
> If I add
> 
> --
>      <Directory "/">
>        Require all granted
>      </Directory>
> --
> 
> This seems to work.

FSVO of “work” that include potentialy allowing access to every single file in every singe directory on your system, sure.

You should never ever change the <directory /> block.

DocumentRoot "/usr/local/"
<Directory "/usr/local/www">
    Options +Indexes +FollowSymLinks +Includes -SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>

This will allow access to only your www directories. Of course, change [ath to match your install, and you can add other blocks for other directory trees.

<Directory "/home/*/html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

To allow local users to put web stuff in $HOME/html/ for example.



-- 
Lister: What d'ya think of Betty? Cat: Betty Rubble? Well, I would go
	with Betty... but I'd be thinking of Wilma. Lister: This is
	crazy. Why are we talking about going to bed with Wilma
	Flintstone? Cat: You're right. We're nuts. This is an insane
	conversation. Lister: She'll never leave Fred, and we know it.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux