httpd-users mailing list archives

From Adrian Gschwend
Subject [users@httpd] Access control, VirtualHost & Apache 2.4
Date Mon, 06 Jan 2020 18:21:28 GMT
Dear group,

I finally started to migrate an Apache 2.2 config to 2.4. I've read the
migration document at but I have a
hard time understanding the new access control model.

My config is mainly VirtualHost sections, in some of them I do have
Directory or Location directives, but others are pretty basic, for
example this one:

   <VirtualHost *:80>
      DocumentRoot "/webspace/"
      CustomLog /var/log/httpd/example-access.log combined
      ErrorLog /var/log/httpd/example-error.log
   </VirtualHost>

This used to work fine in 2.2 that way but in 2.4 I get an access denied
by default.

In my httpd.conf shipped by FreeBSD I see:

# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
<Directory />
    AllowOverride none
    Require all denied
</Directory>

So my interpretation is that I have to explicitly allow access to any
other directory, even those in VirtualHost sections.

If I add

      <Directory "/">
        Require all granted
      </Directory>

This seems to work.

So I wonder what the best practice is: should I add this to each
VirtualHost so the permission is explicitly set, or should I change the
default access that currently denies it?

Or am I completely on the wrong track? I've tried to google a bit on the
topic but I could not find clear recommendations on how to handle it
with VirtualHost.

Any hints are welcome
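
An added example, not part of the original post or of the FreeBSD-shipped configuration: the default-deny block quoted above, kept as is, with the grant scoped to the virtual host's DocumentRoot instead of "/". It assumes the paths shown in the post and the default AuthMerging Off, under which the Require in the more specific <Directory> section replaces the inherited one.

```apache
# httpd.conf (main server): keep the shipped default deny for the whole filesystem.
<Directory />
    AllowOverride none
    Require all denied
</Directory>

<VirtualHost *:80>
    DocumentRoot "/webspace/"
    CustomLog /var/log/httpd/example-access.log combined
    ErrorLog /var/log/httpd/example-error.log

    # Too broad: within this vhost, the block below would override the
    # default deny for every filesystem path, not just the web content.
    # <Directory "/">
    #     Require all granted
    # </Directory>

    # Scoped: grant access only to the content directory of this vhost.
    # Apache 2.2 equivalent of the Require line:
    #     Order allow,deny
    #     Allow from all
    <Directory "/webspace/">
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>
```

Check the syntax with `apachectl configtest` before reloading the server.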


