On 5/13/24 15:42, Chris me wrote:
The Apache docs recommend dong this to setup a default deny to file locations:<Directory "/"> Require all denied </Directory> Do I do that in httpd.conf or do I add that to each <virtualhost> entry?
If you do it in httpd.conf (which I assume would be a server-wide scope for you), it will be applied globally and thus within every virtualhost scope as well. You should then, within each virtualhost scope, explicitly allow access to the documentroot and other directories you wish to have open for reading.
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx