Re: Re[4]: apache FollowSymLinks and SymLinksIfOwnerMatch question
Patrick Hsieh said:
> OK. What I mean is, since I have to turn on FollowSymLinks. I wish apache
> only follow the symblic links under /var/www
> Sorry for the poor explaination.
no problem. now I know exactly what you want and its easy to do,
in access.conf (or httpd.conf whatever you want to use) make a new
directory access control for the directory / (root). set the default
access to that directory to DENY. that will prevent apache from providing
access to *ANY* file outside of the directories specified in the configuration
be it by symlink or anything else. I do this on most of my servers.
something like
<Directory />
Options None
AllowOverride None
order deny,allow
deny from all
</Directory>
this may break some things on your system(s) if files being accessed
are outside of the directories, in which case you'll have to add
those directories to the config file and restart apache.
nate
Reply to: