RE: Apache issue

From: Phil Eschallier (phil_at_10types.com)
Date: 06/22/05

  • Next message: Hans: "Re: Apache issue"
    To: <anita.salerno@talk21.com>, <focus-linux@securityfocus.com>
    Date: Wed, 22 Jun 2005 10:52:00 -0400
    
    

    Look in the config file ... you probably have an entry for <Directory "/">
    with an override of "None" ... or perhaps some other parent directory of
    your /www/html/directory/rzone.

    Or, are you sure that the Apache DocRoot has not changed with this update?

    ... Phil

    -----Original Message-----
    From: anita.salerno@talk21.com [mailto:anita.salerno@talk21.com]
    Sent: Wednesday, June 22, 2005 3:44 AM
    To: focus-linux@securityfocus.com
    Subject: Apache issue

    Hello,
    I'm using Apache/2.0.52 on Fedora Core 3. I've copied the configuration file
    of the previous apache's version on a Redhat, as I do everytime when
    upgrading to a new version of Apache (I configured only the new httpd.conf
    manually), and now the problem is that none of the security measures is
    working, I'm bypassing all of them (.htaccess and ip list specification).

    The mod_access module is enabled.

    In my httpd.conf, I have:

    AllowOverride All

    <Directory /www/html/directory/rzone>
            Order Allow,Deny
            Allow from 10.0.10.
            Deny from all
    </Directory>

    My .htaccess is:
    AuthType Basic
    AuthName Welcome
    AuthUserFile /www/html/directory/rzone/.htmdp

    <Limit GET POST>
            require valid-user

            Order Allow,Deny
            Allow from 10.0.10.
            Deny from all
    </Limit>

    When I was desprate, I've configured the access file as follow:

    Order Allow,Deny
    Deny from all

    and I still have access to the web site.
     
    Any idea ?


  • Next message: Hans: "Re: Apache issue"

    Relevant Pages

    • RE: apt-get install wont recover from removal of apache directory in /etc/
      ... it does recover fine. ... # apt-get install apache ... Not replacing deleted config file /etc/apache/httpd.conf ...
      (Debian-User)
    • Re: Apache Webserver ?
      ... I am running Red hat version ... > get a simple web server up and running to host my domain. ... The popular belief is that the apache configuration file is ... Apache said where the config file is ...
      (alt.os.linux)
    • Forms and PHP V5.0.2 with APACHE V2.0.50
      ... To use my HOME PC to run a local APACHE web server on which to ... develop websites that make use of PHP scripts and MySQL databases. ... REGISTER_LONG_ARRAYS directive settings of the PHP.INI config file, ... Note also that I have been restarting APACHE after each change to ...
      (comp.lang.php)
    • Re: [opensuse] Apache server side includes openSUSE 10.3 x86_64
      ... I've added modules there and Apache ... all openSUSE specific, its not in the Apache manuals. ... Personally I think that zapping a config file ... for humans to edit or humans to run an explicit program to change, ...
      (SuSE)
    • Re: mod_perl port
      ... Make sure you are looking in the right config file. ... If you had apache 1.x ... Reading disclaimers makes you go blind. ... Writing them is worse. ...
      (freebsd-questions)