[lug] httpd.conf and RH6.2

John-David Childs jdc at nterprise.net
Fri Jun 2 09:29:04 MDT 2000 

On Friday June  2, 2000, Anders Knudsen <aknudsen.96 at slate.Mines.EDU>
 had this to say about "[lug] httpd.conf and RH6.2":

> Quick intro: I'm new to Linux as of almost 1 year ago, but am getting up to 
> speed quite nicely. Have attended BLUG meetings since Jan now. Not a linux 
> newbie, but not a guru either.
> 
> Q:
> I just updated my redhat to 6.2, which also updated apache to 1.3.12 (so 
> all config stuff is contained in httpd.conf.) After the update, the server 
> would not display any files. I tracked it down to the entry:
> <Files ~>
> AllowOverride AuthConfig FileInfo Indexes Limit Options
> Order allow,deny
> Deny from all
> </Files>
> I take this to mean "deny all files"...;-)

Precisely.  It also allows anyone with files in appropriate directories
to override values for AuthConfig (i.e. .htaccess), file type configs
(i.e. mapping extensions to certain handlers), etc.

> 
> If I change the start of it to:
> <Files />
> ...
> it works, and Apache allows the display of web pages, etc.

Hrrm...did you REPLACE <Files ~> with <Files /> and make no other changes?
Or did you do something like this:

<Files />
AllowOverride AuthConfig FileInfo Indexes Limit Options
Order deny,allow
Allow from All
</Files>

In which case, this would be a very bad thing, since it would allow
unrestricted access to (potentially) your entire machine (depending
upon other settings like DocumentRoot).

Mosy likely, you want something like this:

<Files />
AllowOverride None
Order Deny,Allow
Deny from All
</Files>

<Files /home/*/public_html>  (set this to the appropriate directory)
Allow Override AuthConfig Indexes Limit
Order Deny,Allow
Allow from All
</Files>

> 
> Now I'm a bit dubious about this change since I don't fully understand the 
> constraint.
> Is there anyone that can explain this and give me a bit o guidance??
> 
> Thanks,
> -Anders Knudsen.
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

-- 
John-David Childs (JC612)	Enterprise Internet Solutions
Systems Administration          http://www.nterprise.net
  & Network Engineering         8707 E. Florida Ave #814 Denver, CO 80231
The greatest dangers to liberty lurk in insidious encroachment by men
of zeal, well-meaning but without understanding.
		-- Justice Louis D. Brandeis

More information about the LUG mailing list