RE: mod_access problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> -----Original Message-----
> From: jslive@xxxxxxxxx [mailto:jslive@xxxxxxxxx] On Behalf Of Joshua
> Slive
> Sent: vrijdag 21 september 2007 15:09
> To: users@xxxxxxxxxxxxxxxx
> Subject: Re:  mod_access problem
> 
> On 9/21/07, m.a.m.vanbeek@xxxxxxxxxxxxxxxxxx
> <m.a.m.vanbeek@xxxxxxxxxxxxxxxxxx> wrote:
> > Hi,
> >
> > When I use the mod_access directives to limit access to certain
files
> or
> > commands, they just seem to be ignored. For example, to disable
> > downloading of .htaccess and .htpasswd files I use the (almost)
> standard
> > rules of:
> >
> > ---  example ---
> > <Files ~ "^\.ht">
> >     Order allow,deny
> >     Deny from all
> >     Satisfy all
> > </Files>
> > --- /example ---
> >
> > As far as I know this should disallow anyone (including users
logging
> in
> > through HTTP AUTH) to open the .ht* files. But if I try to download
> > them, they can be opened.
> > The same problem goes for any other access limiting based on IP.
> 
> Start by reading this:
> http://httpd.apache.org/docs/2.2/sections.html#mergin
> 
> It may be that you have other access-control directives in a
> <Location> section that are overriding your <Files> section.
> 
> Joshua.
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Hi,

Found the problem, a long time ago, some punk was abusing a forum I
hosted and I (stupidly) created a <Location /> with his IP as deny and
allow from all, not knowing this would override the other access
restrictions.

Thanks,
Mark

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux