RE: Apache issue
From: Phil Eschallier (phil_at_10types.com)
Date: 06/22/05
- Previous message: anita.salerno_at_talk21.com: "Apache issue"
- In reply to: anita.salerno_at_talk21.com: "Apache issue"
- Next in thread: Hans: "Re: Apache issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <anita.salerno@talk21.com>, <focus-linux@securityfocus.com> Date: Wed, 22 Jun 2005 10:52:00 -0400
Look in the config file ... you probably have an entry for <Directory "/">
with an override of "None" ... or perhaps some other parent directory of
your /www/html/directory/rzone.
Or, are you sure that the Apache DocRoot has not changed with this update?
... Phil
-----Original Message-----
From: anita.salerno@talk21.com [mailto:anita.salerno@talk21.com]
Sent: Wednesday, June 22, 2005 3:44 AM
To: focus-linux@securityfocus.com
Subject: Apache issue
Hello,
I'm using Apache/2.0.52 on Fedora Core 3. I've copied the configuration file
of the previous apache's version on a Redhat, as I do everytime when
upgrading to a new version of Apache (I configured only the new httpd.conf
manually), and now the problem is that none of the security measures is
working, I'm bypassing all of them (.htaccess and ip list specification).
The mod_access module is enabled.
In my httpd.conf, I have:
AllowOverride All
<Directory /www/html/directory/rzone>
Order Allow,Deny
Allow from 10.0.10.
Deny from all
</Directory>
My .htaccess is:
AuthType Basic
AuthName Welcome
AuthUserFile /www/html/directory/rzone/.htmdp
<Limit GET POST>
require valid-user
Order Allow,Deny
Allow from 10.0.10.
Deny from all
</Limit>
When I was desprate, I've configured the access file as follow:
Order Allow,Deny
Deny from all
and I still have access to the web site.
Any idea ?
- Previous message: anita.salerno_at_talk21.com: "Apache issue"
- In reply to: anita.salerno_at_talk21.com: "Apache issue"
- Next in thread: Hans: "Re: Apache issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
