httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tobias Adolph <Tobias.Ado...@lrz.de>
Subject [users@httpd] Is it possible to evaluate .htaccess before proxying requests? (Apache 2.4.9)
Date Tue, 13 May 2014 15:51:56 GMT
Hi all,

is the intended behaviour of ProxyPass(Match)-Directives to ignore 
.htaccess files?
And is there any way to change this?

Version used: Apache httpd 2.4.9
Operating System: SUSE Linux Enterprise Server 11.3 (x86_64)

Context:
PHP is enabled via mod_proxy(_fcgi), but using this configuration-
snippet in vhost-context

<LocationMatch .*\.php$ >
         ProxyPass unix:/var/run/php-fpm.sock|fcgi://localhost/
</LocationMatch>

with the following .htaccess-Directive in the DocumentRoot

Require all denied

results in the following situation:

Access to php-files isn't denied - they are served - but non-PHP-ressources
like css- or js-files aren't served ( => strange output).

Same Problem when proxying is realized via ip-adress or rewrites:
RewriteRule (.*\.php)$ fcgi://localhost:9000/$1 [P]

Please Note:
I know I can configure stuff like access control in 
<Location(Match)>-context in the
server configuration. And I know .htaccess files have "performance, 
security, and
management downsides" (cit. Mark Montague).
The problem: Non-privileged users (~1200) who are only allowed to modify 
their
.htaccess-files for rewrites or access controls. Even if they had access 
to their
vhost context the migration effort grows exponentially since 
htaccess-files are status
quo...

Thanks in advance for your effort.

Kind regards,
Tobias Adolph

Mime
View raw message