deny some files in apache by default
Arkadiusz Miskiewicz
arekm at maven.pl
Wed Jul 13 08:06:11 CEST 2011
On Wednesday 13 of July 2011, Elan Ruusamäe wrote:
> On 07/12/2011 04:42 PM, Arkadiusz Miskiewicz wrote:
> > What do you think about adding to our apache default config:
> >
> > [arekm at t400 ~/rpm/packages/apache]$ cvs diff -u apache-common.conf
> > Index: apache-common.conf
> > ===================================================================
> > RCS file: /cvsroot/packages/apache/apache-common.conf,v
> > retrieving revision 1.9
> > diff -u -u -r1.9 apache-common.conf
> > --- apache-common.conf 9 Jan 2006 11:24:05 -0000 1.9
> > +++ apache-common.conf 12 Jul 2011 13:40:56 -0000
> > @@ -19,6 +19,12 @@
> >
> > Order deny,allow
> > Deny from all
> >
> > </IfModule>
> >
> > +<IfModule mod_authz_host.c>
>
> afaik module name is wrong
Then we have it wrong in the same config, few lines above.
> > +<FilesMatch "(~|#|^\.\?\?.*|\.inc)$">
>
> backup files ok, maybe add more, like .BAK and .bak?
> ".inc" file, may cause conflicts
> and "^\.\?\?.*" is what? '?' needs to be esacaped and '*' not in apache?
Any file starting with .??, not sure which program makes such backup files.
>
> perhaps you wanted to say just dot-files?:
> <FilesMatch "(^\..*|~|#|\.inc)$">
>
> also, perhaps add to the list files that (our) lighttpd denies (vcs
> control files):
Fine for me.
--
Arkadiusz Miśkiewicz PLD/Linux Team
arekm / maven.pl http://ftp.pld-linux.org/
More information about the pld-devel-en
mailing list