----- Original Message -----
> you have rules in htaccess subverting your rules in httpd.conf.
Hmm, in httpd.conf I have the following directives for the root directory:
#
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/www">
Options -Indexes -FollowSymLinks -Includes -MultiViews
AllowOverride None
Order allow,deny
Allow from all
<LimitExcept GET POST>
deny from all
</LimitExcept>
</Directory>
Do they flow down to the virtuals underneath then ? I used http://security-24-7.com/hardening-guide-for-apache-2-2-15-on-redhat-5-4-64bit-edition/ to help lock down the server.
Very sorry for my lack of knowledge.
--
Thanks, Phil
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|