On 12/11/05, Ken Tozier <kentozier@xxxxxxxxxxx> wrote: > On Dec 11, 2005, at 1:17 PM, Joshua Slive wrote: > > > > On 12/11/05, Ken Tozier <kentozier@xxxxxxxxxxx> wrote: > > > > > >> Then when I type 'localhost/images/' or '127.0.0.1/images/' into a > >> Safari or Firefox address bar, I get: > >> "Forbidden > >> > >> You don't have permission to access /images/ on this server. > >> > >> Apache/1.3.33 Server at mycomputer.local Port 80" > >> > >> Does anyone know whether Mac OS Tiger has some additional settings > >> somewhere that need to be changed to allow the above to work? > >> > > > > Start here: > > http://httpd.apache.org/docs/1.3/misc/FAQ.html#forbidden > > > > Well that works on my test machine. Unfortunately, in the actual > application, what I need to do is point Apache to an existing > directory on a production server which contains the images I need to > use. Moving or copying the tens of thousands of images to the Web > server isn't an option. Installing another copy of Apache on the > production server isn't an option and opening up the permissions of > the entire production server hierarchy to the world isn't an option. > > Is there no way to target a specific folder without exposing the > entire hierarchy it exists in? Could this be worked around with a > custom module? By "exposing the entire hierarchy" do you mean giving file-system search permissions (chmod +x)? If so, no, you can't work around this in apache. It has nothing to do with apache. It is the file-system that is denying access. If apache can't get to the directory, there is no way to serve the files. In general, giving careful search permissions on the tree while restricting read permissions should be perfectly safe in most circumstances. A possible alternative might be to do some fancy file-system tricks like remounting that particular directory in its own spot that isn't so tightly protected. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx