Well Sean - I have commented out the php directives.
*.html files are still accessible as well.
I have put t1.html , t2.htm , and t3.php into the same
directory. These files are still accessible, and output
three lines of text.
Here is my complete websites.conf file, that gets included
into httpd.conf. I'm wondering if it is being included in
the wrong place in httpd.conf, and causing conflicts with
how Directry Files and Location sections are parsed.
Does anyone have a link to a minimal httpd.conf file I can
make a fresh start with. ie what is the very bare minimal
configuration directives I can get away with for a complete
httpd.conf file, without SSL or virtual hosts, which I can
add later?
# default access on root filesystem - www.karsites.net
<Directory />
DirectoryIndex karsites.hml
Options None
AllowOverride None
Order Deny,Allow
Deny from all
# php_admin_value open_basedir '/srv/www/htdocs/:/tmp/'
# php_admin_flag display_errors OFF
</Directory>
#--------------------------------------------------------------------------
# remove the CONNECT bug # http://bugs.php.net/bug.php?id=19113
<Location />
<Limit CONNECT>
Order deny,allow
Deny from all
</Limit>
</Location>
#--------------------------------------------------------------------------
# default restrictions on rest of server docs filesystem
<Directory /srv/www/htdocs/KAR/*/>
# AuthUserFile /etc/httpd/passwd
# AuthGroupFile /etc/httpd/group
Options None
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
#--------------------------------------------------------------------------
# only localhost can access documentation tree here
<Directory /srv/www/htdocs/manual>
Order deny,allow
Deny from all
Allow from localhost
</Directory>
#--------------------------------------------------------------------------
# only localhost and 10.0.0.3 can access development tree
<Directory /srv/www/htdocs/KAR/websites/develop>
Options None
Options Indexes
Order deny,allow
Deny from all
Allow from localhost
Allow from 10.0.0.3
# php_admin_flag display_errors ON
</Directory>
#--------------------------------------------------------------------------
# only localhost can access intermediate tree
<Directory /srv/www/htdocs/KAR/websites/intermediate>
Options None
Options Indexes
Order deny,allow
Deny from all
Allow from localhost
# php_admin_flag display_errors ON
</Directory>
#==========================================================================
# START OF PUBLIC WEBSITE DIRECTORIES & ACCESS PERMISSIONS
#==========================================================================
#--------------------------------------------------------------------------
# MUXREG WEBSITE ACCESS
#--------------------------------------------------------------------------
# anyone including localhost can access live websites
<Directory /srv/www/htdocs/KAR/websites/live/muxreg/anyuser>
Options None
Order deny,allow
Allow from all
# php_admin_flag display_errors OFF
</Directory>
#--------------------------------------------------------------------------
# DBA ADMIN PAGES
# only localhost can access the admin pages of this site
<Directory /srv/www/htdocs/KAR/websites/live/muxreg/admin>
Options None
Order deny,allow
Deny from all
Allow from localhost
# php_admin_flag display_errors OFF
</Directory>
#--------------------------------------------------------------------------
#
# SITE DOWN PAGE
# uncomment this section to make muxreg website UNAVAILABLE online
# anyone including localhost can access live websites
#
# <Directory "/srv/www/htdocs/KAR/websites/live/muxreg/sitedown/">
# Options None
# Order deny,allow
# Allow from all
#
# php_admin_flag display_errors OFF
# </Directory>
#
#--------------------------------------------------------------------------
# anyone can access this public directory tree with dir listings
<Directory /srv/www/htdocs/KAR/websites/pub>
Options None
Options Indexes
Order deny,allow
Allow from all
</Directory>
#--------------------------------------------------------------------------
# access for localhost and 10.0.0.3 only with directory listings
<Directory /srv/www/htdocs/KAR/websites/test>
Options None
Options Indexes
Order deny,allow
Deny from All
Allow from localhost
Allow from 10.0.0.3
</Directory>
<Directory /srv/www/htdocs/KAR/websites/test/PHP>
Options None
Order deny,allow
Deny from all
<Files *.php>
Order deny,allow
Deny from all
</Files>
</Directory>
<Directory /srv/www/htdocs/KAR/websites/pub/computing/apache-test>
Options None
Order deny,allow
Deny from all
<Files *.html>
Order deny,allow
Deny from all
</Files>
</Directory>
#==========================================================================
# END OF WEBSITE DIRECTORIES & ACCESS PERMISSIONS
#==========================================================================
# end of websites.conf
On Fri, 30 Dec 2005, Sean Davis wrote:
> To: users@xxxxxxxxxxxxxxxx
> From: Sean Davis <sdavis2@xxxxxxxxxxxx>
> Subject: Re: [users@httpd] Filename Access
>
> Just a suggestion, but if you take out the .php directives
> (that allow php script execution) do you get the correct
> behavior? Alternatively, if you put a .html file in your
> test directory, can you still access it?
>
> Sean
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|