RE: [users@httpd] Protecting certain cgi-bin subdirectories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Try converting BOTH sections to <Directorymatch> (even thought the
> second one will be a trivial regex).  Then the order of processing
> will be controlled by the order of listing in the config file.

I tried that, in both orders, but without success. I checked that the
DirectoryMatch for the cgi-bin/admin subdirectory was working by having it
alone. Then I added a DirectoryMatch for "/var/www/cgi-bin/.*/" - this
turned ON password prompting for the subdirectories of cgi-bin but it also
overrode the "require user" statement for "/var/www/cgi-bin/admin".
I tried both orders as well. 

Then I tinkered around a bit more, and stumbled on the solution:
# Password protect subdirectories of cgi-*
<Directory /var/www/cgi-*/*/*>
 Require valid-user
</Directory>
# Allow only Swifty into cgi-bin/admin
<Directorymatch /var/www/cgi-(bin|test)/admin>
 Require user Swifty
</Directorymatch>

I'm wildcarding the cgi-bin directory, because I have two virtual hosts, one
uses cgi-bin and the other uses cgi-test.

The above configuration achieves my objectives, but I have no idea at all
how <Directory /var/www/cgi-*/*/*> manages to turn on password prompting for
subdirectories of cgi-bin. It is almost as though the "Directory" directive
is matching the fully-qualified filename rather than the directory.
It matches /var/www/cgi-bin/users/test - but the directory name is
/var/www/cgi-bin/users - the "test" part is the filename of my test script.

Oh, well. It's working. I can leave worrying about why for another day.

Thank you for giving me the will to persist until I found an answer!

Steve Swift
http://www.swiftys.org.uk



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux