[packages/apache] move .ht* and *~ access control to common conf where rest of access is configured
glen
glen at pld-linux.org
Thu Jul 3 15:51:51 CEST 2014
commit 8ae11478cfc9ae1767089becb5f374c5d374d2f9
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Thu Jul 3 16:51:48 2014 +0300
move .ht* and *~ access control to common conf where rest of access is configured
apache-common.conf | 22 ++++++++++++++++++++++
apache-httpd.conf | 35 ++++++++++++-----------------------
2 files changed, 34 insertions(+), 23 deletions(-)
---
diff --git a/apache-common.conf b/apache-common.conf
index 326dcff..8b1b751 100644
--- a/apache-common.conf
+++ b/apache-common.conf
@@ -24,6 +24,28 @@ DocumentRoot "/home/services/httpd/html"
</IfModule>
</Directory>
+# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
+<Files ".ht*">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</Files>
+
+# Prevent backup files from being viewed, too.
+<Files "*~">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</Files>
+
#
# This should be changed to whatever you set DocumentRoot to.
#
diff --git a/apache-httpd.conf b/apache-httpd.conf
index b5783f2..bbb4050 100644
--- a/apache-httpd.conf
+++ b/apache-httpd.conf
@@ -9,7 +9,7 @@
ServerRoot "/etc/httpd"
-LoadModule unixd_module modules/mod_unixd.so
+LoadModule unixd_module modules/mod_unixd.so
# User/Group: The name (or #number) of the user/group to run httpd as.
@@ -28,8 +28,8 @@ Group http
Listen 80
# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin at example.com
+# e-mailed. This address appears on some server-generated pages, such
+# as error documents. e.g. admin at example.com
#
ServerAdmin root at example.com
@@ -44,7 +44,7 @@ ServerName localhost
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
+# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog logs/error_log
@@ -67,27 +67,16 @@ HostnameLookups Off
TraceEnable Off
#
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall may be used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
+# EnableMMAP and EnableSendfile: On systems that support it, memory-mapping or
+# the sendfile syscall may be used to deliver files.
+# This usually improves server performance, but must be turned off when serving
+# from networked-mounted filesystems or if support for these functions is
+# otherwise broken on your system.
# Defaults if commented: EnableMMAP On, EnableSendfile Off
#
#EnableMMAP off
EnableSendfile on
-# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
-<Files ".ht*">
- Require all denied
-</Files>
-
-# Prevent backup files from being viewed, too.
-<Files "*~">
- Require all denied
-</Files>
-
# Include other modules and packages config.
IncludeOptional conf.d/*.conf
@@ -106,7 +95,7 @@ IncludeOptional webapps.d/*.conf
# To disable, set to header=0 body=0
#
<IfModule reqtimeout_module>
- RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
+ RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>
<IfModule alias_module>
@@ -114,7 +103,7 @@ IncludeOptional webapps.d/*.conf
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
+ # client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
#
ScriptAlias /cgi-bin/ "/home/services/httpd/cgi-bin/"
@@ -142,7 +131,7 @@ IncludeOptional webapps.d/*.conf
# Setup default vhost (first one defined in config) and include vhosts configuration
<VirtualHost *:80>
- ServerName localhost
+ ServerName localhost
# ServerAdmin webmaster at host.example.com
# DocumentRoot /www/docs/host.example.com
# ErrorLog logs/host.example.com-error_log
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/apache.git/commitdiff/8ae11478cfc9ae1767089becb5f374c5d374d2f9
More information about the pld-cvs-commit
mailing list