WampServer
Apache, PHP, MySQL
on Windows
Directory security?
Posted by:
mattfox
(---.west.biz.rr.com)
Date: July 04, 2008 08:20PM
When doing vhosts do you have to do two totally seperate document root and and directory / thing for each directory like below...Should this directive be in each directory.....
<Directory />
Options FollowSymLinks
AllowOverride None <----Does this have to be there for each directory
Order deny,allow or since i have both directories in the www folder can i just
Deny from all restrict it to c:/wamp/www/ instead of doing each one individually?
</Directory> or is it safer to put thisin for each directory?
This is my current config below....
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "c:/wamp/www/www1/">
Options -Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</Directory>
DocumentRoot "c:/wamp/www/www2/"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "c:/wamp/www/www2/">
Options -Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</Directory>
<Directory />
Options FollowSymLinks
AllowOverride None <----Does this have to be there for each directory
Order deny,allow or since i have both directories in the www folder can i just
Deny from all restrict it to c:/wamp/www/ instead of doing each one individually?
</Directory> or is it safer to put thisin for each directory?
This is my current config below....
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "c:/wamp/www/www1/">
Options -Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</Directory>
DocumentRoot "c:/wamp/www/www2/"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "c:/wamp/www/www2/">
Options -Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</Directory>
Re: Directory security?
Posted by:
toivo
(---.nsw.bigpond.net.au)
Date: July 05, 2008 12:57AM
Hi,
This entry protects the filesystem from walkthroughs but you only need one of these in your configuration:
<Directory />
Order Deny,Allow
Deny from all
</Directory>
You must have one DocumentRoot directive under each virtual host.
The AllowOverride directive is only applicable if you use .htaccess file(s).
If you want to restrict the access to an IP address , a subnet or a domain, do this:
Order Deny,Allow
Deny from all
Allow from 192.168.1.1 123.111.2
Allow from example.com
Feel free to study the apache documentation at [httpd.apache.org].
Regards,
toivo
Sydney, Australia
This entry protects the filesystem from walkthroughs but you only need one of these in your configuration:
<Directory />
Order Deny,Allow
Deny from all
</Directory>
You must have one DocumentRoot directive under each virtual host.
The AllowOverride directive is only applicable if you use .htaccess file(s).
If you want to restrict the access to an IP address , a subnet or a domain, do this:
Order Deny,Allow
Deny from all
Allow from 192.168.1.1 123.111.2
Allow from example.com
Feel free to study the apache documentation at [httpd.apache.org].
Regards,
toivo
Sydney, Australia
Re: Directory security?
Posted by:
mattfox
(---.west.biz.rr.com)
Date: July 05, 2008 08:05AM
Ya i looked all through apache documentation but i just want to make sure i did it all right...How do i make the htaccess files? I changed my config completely to a more proper setup...So then in the vhost setup each documentroot is protected by...
<Directory />
Order Deny,Allow
Deny from all
</Directory>
<Directory />
Order Deny,Allow
Deny from all
</Directory>
Re: Directory security?
Posted by:
toivo
(---.nsw.bigpond.net.au)
Date: July 05, 2008 08:37AM
You can create a .htaccess file as htaccess.txt in any editor and then rename it to .htaccess in DOS. If you are thinking of using for example URL rewrite commands, check the syntax first in a small test site because errors usually cause the 500 error which stops the server.
There may be utilities available from support forums which create .htaccess files and also passwd files if you protect folders with usernames and passwords.
Regards,
toivo
Sydney, Australia
There may be utilities available from support forums which create .htaccess files and also passwd files if you protect folders with usernames and passwords.
Regards,
toivo
Sydney, Australia
Sorry, only registered users may post in this forum.
