httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "@lbutlr" <>
Subject Re: [users@httpd] Access control, VirtualHost & Apache 2.4
Date Tue, 07 Jan 2020 03:23:39 GMT
On 06 Jan 2020, at 11:21, Adrian Gschwend <> wrote:
> If I add
> --
>      <Directory "/">
>        Require all granted
>      </Directory>
> --
> This seems to work.

FSVO of “work” that include potentialy allowing access to every single file in every singe
directory on your system, sure.

You should never ever change the <directory /> block.

DocumentRoot "/usr/local/"
<Directory "/usr/local/www">
    Options +Indexes +FollowSymLinks +Includes -SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted

This will allow access to only your www directories. Of course, change [ath to match your
install, and you can add other blocks for other directory trees.

<Directory "/home/*/html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS

To allow local users to put web stuff in $HOME/html/ for example.

Lister: What d'ya think of Betty? Cat: Betty Rubble? Well, I would go
	with Betty... but I'd be thinking of Wilma. Lister: This is
	crazy. Why are we talking about going to bed with Wilma
	Flintstone? Cat: You're right. We're nuts. This is an insane
	conversation. Lister: She'll never leave Fred, and we know it.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message