On Sat, May 31, 2008 at 9:37 PM, Eric <pytechd@xxxxxxxxx> wrote: > From what I understand, mod_authz_host always performs two DNS lookups > per request when mod_authz_host is enabled, regardless of whether any > host-based blockings are used. No, that's not true to the best of my knowledge. If it were true, it would be a major bug. The lookups are performed only for hostnames (or things that appear to mod_authz_host to be hostnames). > I don't need that, in fact, the only > part of mod_authz_host I use is to set "Order allow,deny" and "Allow > from all" or "Deny from all". > > If I disable mod_authz_host, what are the risks? Currently the only > blocks I have are from: > > <Directory /> > Order allow,deny > Deny from all > </Directory> > > and > > <FilesMatch "^\.svn"> > Order allow,deny > Deny from all > </FilesMatch> > > I can block the latter with mod_rewrite. Is the first even necessary? > It was in my distro's default httpd.conf. If you don't need host-based blocking, you can disable mod_authz_host. The first block is basically just a safety feature to try to prevent you from accidentally exposing things that you intend to be protected. If the rest of your config is correct, it doesn't do anything. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|