[packages/apache] move .ht* and *~ access control to common conf where rest of access is configured

glen glen at pld-linux.org
Thu Jul 3 15:51:51 CEST 2014 

commit 8ae11478cfc9ae1767089becb5f374c5d374d2f9
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Thu Jul 3 16:51:48 2014 +0300

    move .ht* and *~ access control to common conf where rest of access is configured

 apache-common.conf | 22 ++++++++++++++++++++++
 apache-httpd.conf  | 35 ++++++++++++-----------------------
 2 files changed, 34 insertions(+), 23 deletions(-)
---
diff --git a/apache-common.conf b/apache-common.conf
index 326dcff..8b1b751 100644
--- a/apache-common.conf
+++ b/apache-common.conf
@@ -24,6 +24,28 @@ DocumentRoot "/home/services/httpd/html"
 	</IfModule>
 </Directory>
 
+# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
+<Files ".ht*">
+	<IfModule mod_authz_host.c>
+		Require all denied
+	</IfModule>
+	<IfModule mod_access_compat.c>
+		Order deny,allow
+		Deny from all
+	</IfModule>
+</Files>
+
+# Prevent backup files from being viewed, too.
+<Files "*~">
+	<IfModule mod_authz_host.c>
+		Require all denied
+	</IfModule>
+	<IfModule mod_access_compat.c>
+		Order deny,allow
+		Deny from all
+	</IfModule>
+</Files>
+
 #
 # This should be changed to whatever you set DocumentRoot to.
 #
diff --git a/apache-httpd.conf b/apache-httpd.conf
index b5783f2..bbb4050 100644
--- a/apache-httpd.conf
+++ b/apache-httpd.conf
@@ -9,7 +9,7 @@
 
 ServerRoot "/etc/httpd"
 
-LoadModule unixd_module   modules/mod_unixd.so
+LoadModule unixd_module modules/mod_unixd.so
 
 
 # User/Group: The name (or #number) of the user/group to run httpd as.
@@ -28,8 +28,8 @@ Group http
 Listen 80
 
 # ServerAdmin: Your address, where problems with the server should be
-# e-mailed.  This address appears on some server-generated pages, such
-# as error documents.  e.g. admin at example.com
+# e-mailed. This address appears on some server-generated pages, such
+# as error documents. e.g. admin at example.com
 #
 ServerAdmin root at example.com
 
@@ -44,7 +44,7 @@ ServerName localhost
 # ErrorLog: The location of the error log file.
 # If you do not specify an ErrorLog directive within a <VirtualHost>
 # container, error messages relating to that virtual host will be
-# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# logged here. If you *do* define an error logfile for a <VirtualHost>
 # container, that host's errors will be logged there and not here.
 ErrorLog logs/error_log
 
@@ -67,27 +67,16 @@ HostnameLookups Off
 TraceEnable Off
 
 #
-# EnableMMAP and EnableSendfile: On systems that support it, 
-# memory-mapping or the sendfile syscall may be used to deliver
-# files.  This usually improves server performance, but must
-# be turned off when serving from networked-mounted 
-# filesystems or if support for these functions is otherwise
-# broken on your system.
+# EnableMMAP and EnableSendfile: On systems that support it, memory-mapping or
+# the sendfile syscall may be used to deliver files.
+# This usually improves server performance, but must be turned off when serving
+# from networked-mounted filesystems or if support for these functions is
+# otherwise broken on your system.
 # Defaults if commented: EnableMMAP On, EnableSendfile Off
 #
 #EnableMMAP off
 EnableSendfile on
 
-# Prevent .htaccess and .htpasswd files from being viewed by Web clients. 
-<Files ".ht*">
-    Require all denied
-</Files>
-
-# Prevent backup files from being viewed, too.
-<Files "*~">
-    Require all denied
-</Files>
-
 # Include other modules and packages config.
 IncludeOptional conf.d/*.conf
 
@@ -106,7 +95,7 @@ IncludeOptional webapps.d/*.conf
 # To disable, set to header=0 body=0
 #
 <IfModule reqtimeout_module>
-  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
+	RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
 </IfModule>
 
 <IfModule alias_module>
@@ -114,7 +103,7 @@ IncludeOptional webapps.d/*.conf
 	# ScriptAliases are essentially the same as Aliases, except that
 	# documents in the target directory are treated as applications and
 	# run by the server when requested rather than as documents sent to the
-	# client.  The same rules about trailing "/" apply to ScriptAlias
+	# client. The same rules about trailing "/" apply to ScriptAlias
 	# directives as to Alias.
 	#
 	ScriptAlias /cgi-bin/ "/home/services/httpd/cgi-bin/"
@@ -142,7 +131,7 @@ IncludeOptional webapps.d/*.conf
 
 # Setup default vhost (first one defined in config) and include vhosts configuration
 <VirtualHost *:80>
-    ServerName localhost
+	ServerName localhost
 #	ServerAdmin webmaster at host.example.com
 #	DocumentRoot /www/docs/host.example.com
 #	ErrorLog logs/host.example.com-error_log
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/apache.git/commitdiff/8ae11478cfc9ae1767089becb5f374c5d374d2f9

More information about the pld-cvs-commit mailing list