Re: [Apache] "Deny" directives silently ignored in config files
> On Thu, 19 Apr 2012 17:51:01 +0200, Matthieu Moy wrote:
>
> > I have a server running Apache HTTPD 2.2.16, installed as Debian package
> > (Debian Squeeze).
> >
> > Some time ago, "Deny from XXX" directives were correctly taken into
> > account, both in .htaccess files and in system-wide configuration files
> > (/etc/apache2/*). I noticed recently that it is no longer the case. I
> > suspect that this breakage occured when migrating the server from Debian
> > Lenny to Debian Squeeze, but I'm not sure.
>
> (...)
>
> I'd would run a couple of basic tests:
>
> - First, as you're on a production server, don't touch the configuration
> that is currently working and prevent users accessing the "/tmp"
> location, just create an additional <Location> block that points to a
> "test" folder with no relevant data on it and check if you get the same
> behaviour with this.
Yes, this is what I had already done.
> - If the problem persists, instead using <Location> try with <Directory>
> and see if there's any difference.
I tested that too, and it doesn't change the issue.
> > (please, keep me Cc-ed, I'm not subscribed)
>
> Sorry, I can't, hope you can read the mailing list archives :-(
Less convenient, but yes, I did check the archives ;-).
Thanks,
--
Matthieu Moy
http://www-verimag.imag.fr/~moy/
Reply to: