[ale] Problems with "browsing" apache protected folders
Dow Hurst
dhurst at kennesaw.edu
Wed Mar 31 09:51:16 EST 2004
I am not answering your question because I don't know it! But, shouldn't your
policy be deny then allow? And, why would you allow following symlinks? Just
curious as to your reasons since I thought both of those were not the best
policy to follow. I knew a little about 1.3 series but haven't had to deal
with the 2 version at all.
Dow
Armsby John-G16665 wrote:
> All,
>
> I have been struggling with RedHat 9, Apache2, and password protected folders under the document root.
>
> The good: I can password selected directories/folders via the Directory directive in httpd.conf. I can type in the appropriate URL and a password popup appears.
>
> The bad: With apache 1.3.x I could select the appropriate URL pointing to a folder under the document root system and "browse" down the directory system until I selected the password protected folder. Double clicking on the password protected folder resulted in a password popup. With apache 2 I can still browse but I CAN NO LONGER "SEE" THE PROTECTED FOLDER. IT IS INVISIBLE! If I remove/comment the Directory directive, I can now "see" the now unprotected folder.
>
> I am stumped. A complication is that I am running (successfully) a virtual server. Virtual 1 is on port 80. Virtual 2 is port 727. Apache specified I had to create two virtual servers, no one for the 727 port.
>
> Below is my httpd.conf. I have cross posted to the apache configuration group.
>
> Any help would be appreciated.
>
> John
>
>
>
>
>
>>ServerTokens OS
>>
>>ServerRoot "/etc/httpd"
>>
>>
>>PidFile run/httpd.pid
>>
>>Timeout 300
>>
>>KeepAlive Off
>>
>>MaxKeepAliveRequests 100
>>
>>KeepAliveTimeout 15
>>
>>
>><IfModule prefork.c>
>>StartServers 8
>>MinSpareServers 5
>>MaxSpareServers 20
>>MaxClients 150
>>MaxRequestsPerChild 1000
>></IfModule>
>>
>><IfModule worker.c>
>>StartServers 2
>>MaxClients 150
>>MinSpareThreads 25
>>MaxSpareThreads 75
>>ThreadsPerChild 25
>>MaxRequestsPerChild 0
>></IfModule>
>>
>><IfModule perchild.c>
>>NumServers 5
>>StartThreads 5
>>MinSpareThreads 5
>>MaxSpareThreads 10
>>MaxThreadsPerChild 20
>>MaxRequestsPerChild 0
>></IfModule>
>>
>>Listen 80
>>Listen 727
>>
>>Include conf.d/*.conf
>>
>>LoadModule access_module modules/mod_access.so
>>LoadModule auth_module modules/mod_auth.so
>>LoadModule auth_anon_module modules/mod_auth_anon.so
>>LoadModule auth_dbm_module modules/mod_auth_dbm.so
>>LoadModule auth_digest_module modules/mod_auth_digest.so
>>LoadModule include_module modules/mod_include.so
>>LoadModule log_config_module modules/mod_log_config.so
>>LoadModule env_module modules/mod_env.so
>>LoadModule mime_magic_module modules/mod_mime_magic.so
>>LoadModule cern_meta_module modules/mod_cern_meta.so
>>LoadModule expires_module modules/mod_expires.so
>>LoadModule headers_module modules/mod_headers.so
>>LoadModule usertrack_module modules/mod_usertrack.so
>>LoadModule unique_id_module modules/mod_unique_id.so
>>LoadModule setenvif_module modules/mod_setenvif.so
>>LoadModule mime_module modules/mod_mime.so
>>LoadModule dav_module modules/mod_dav.so
>>LoadModule status_module modules/mod_status.so
>>LoadModule autoindex_module modules/mod_autoindex.so
>>LoadModule asis_module modules/mod_asis.so
>>LoadModule info_module modules/mod_info.so
>>LoadModule dav_fs_module modules/mod_dav_fs.so
>>LoadModule vhost_alias_module modules/mod_vhost_alias.so
>>LoadModule negotiation_module modules/mod_negotiation.so
>>LoadModule dir_module modules/mod_dir.so
>>LoadModule imap_module modules/mod_imap.so
>>LoadModule actions_module modules/mod_actions.so
>>LoadModule speling_module modules/mod_speling.so
>>LoadModule userdir_module modules/mod_userdir.so
>>LoadModule alias_module modules/mod_alias.so
>>LoadModule rewrite_module modules/mod_rewrite.so
>>LoadModule proxy_module modules/mod_proxy.so
>>LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
>>LoadModule proxy_http_module modules/mod_proxy_http.so
>>LoadModule proxy_connect_module modules/mod_proxy_connect.so
>>
>><IfModule prefork.c>
>>LoadModule cgi_module modules/mod_cgi.so
>></IfModule>
>>
>><IfModule worker.c>
>>LoadModule cgid_module modules/mod_cgid.so
>></IfModule>
>>
>>
>>
>>User apache
>>Group dc
>>
>>ServerAdmin john.armsby at motorola.com
>>
>>ServerName xena2
>>UseCanonicalName Off
>>
>>DocumentRoot "/var/www/html"
>>
>><Directory />
>> Options FollowSymLinks
>> AllowOverride None
>></Directory>
>>
>>
>><Directory "/var/www/html">
>>
>> Options Indexes FollowSymLinks
>>
>> AllowOverride None
>>
>> Order allow,deny
>> Allow from all
>>
>></Directory>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>><LocationMatch "^/$">
>> Options -Indexes
>> ErrorDocument 403 /error/noindex.html
>></LocationMatch>
>>
>><IfModule mod_userdir.c>
>> UserDir disable
>>
>>
>></IfModule>
>>
>>
>>DirectoryIndex index.html index.html.var
>>
>>AccessFileName .htaccess
>>
>><Files ~ "^\.ht">
>> Order allow,deny
>> Deny from all
>></Files>
>>
>>TypesConfig /etc/mime.types
>>
>>DefaultType text/plain
>>
>><IfModule mod_mime_magic.c>
>> MIMEMagicFile conf/magic
>></IfModule>
>>
>>HostnameLookups Off
>>
>>ErrorLog logs/error_log
>>
>>LogLevel warn
>>
>>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
>>LogFormat "%h %l %u %t \"%r\" %>s %b" common
>>LogFormat "%{Referer}i -> %U" referer
>>LogFormat "%{User-agent}i" agent
>>
>>CustomLog logs/access_log combined
>>
>>
>>
>>ServerSignature On
>>
>>Alias /icons/ "/var/www/icons/"
>>
>><Directory "/var/www/icons">
>> Options Indexes MultiViews
>> AllowOverride None
>> Order allow,deny
>> Allow from all
>></Directory>
>>
>>Alias /manual "/var/www/manual"
>>
>><Directory "/var/www/manual">
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride None
>> Order allow,deny
>> Allow from all
>></Directory>
>>
>><IfModule mod_dav_fs.c>
>> DAVLockDB /var/lib/dav/lockdb
>></IfModule>
>>
>>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>>
>><IfModule mod_cgid.c>
>>Scriptsock run/httpd.cgid
>></IfModule>
>>
>><Directory "/var/www/cgi-bin">
>> AllowOverride None
>> Options None
>> Order allow,deny
>> Allow from all
>></Directory>
>>
>>
>>
>>IndexOptions FancyIndexing VersionSort NameWidth=*
>>
>>AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>>
>>AddIconByType (TXT,/icons/text.gif) text/*
>>AddIconByType (IMG,/icons/image2.gif) image/*
>>AddIconByType (SND,/icons/sound2.gif) audio/*
>>AddIconByType (VID,/icons/movie.gif) video/*
>>
>>AddIcon /icons/binary.gif .bin .exe
>>AddIcon /icons/binhex.gif .hqx
>>AddIcon /icons/tar.gif .tar
>>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
>>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>>AddIcon /icons/a.gif .ps .ai .eps
>>AddIcon /icons/layout.gif .html .shtml .htm .pdf
>>AddIcon /icons/text.gif .txt
>>AddIcon /icons/c.gif .c
>>AddIcon /icons/p.gif .pl .py
>>AddIcon /icons/f.gif .for
>>AddIcon /icons/dvi.gif .dvi
>>AddIcon /icons/uuencoded.gif .uu
>>AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
>>AddIcon /icons/tex.gif .tex
>>AddIcon /icons/bomb.gif core
>>
>>AddIcon /icons/back.gif ..
>>AddIcon /icons/hand.right.gif README
>>AddIcon /icons/folder.gif ^^DIRECTORY^^
>>AddIcon /icons/blank.gif ^^BLANKICON^^
>>
>>DefaultIcon /icons/unknown.gif
>>
>>
>>ReadmeName README.html
>>HeaderName HEADER.html
>>
>>
>>AddEncoding x-compress Z
>>AddEncoding x-gzip gz tgz
>>
>>AddLanguage da .dk
>>AddLanguage nl .nl
>>AddLanguage en .en
>>AddLanguage et .et
>>AddLanguage fr .fr
>>AddLanguage de .de
>>AddLanguage he .he
>>AddLanguage el .el
>>AddLanguage it .it
>>AddLanguage ja .ja
>>AddLanguage pl .po
>>AddLanguage kr .kr
>>AddLanguage pt .pt
>>AddLanguage nn .nn
>>AddLanguage no .no
>>AddLanguage pt-br .pt-br
>>AddLanguage ltz .ltz
>>AddLanguage ca .ca
>>AddLanguage es .es
>>AddLanguage sv .se
>>AddLanguage cz .cz
>>AddLanguage ru .ru
>>AddLanguage tw .tw
>>AddLanguage zh-tw .tw
>>AddLanguage hr .hr
>>
>>LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ltz ca es sv tw
>>ForceLanguagePriority Prefer Fallback
>>
>>AddDefaultCharset ISO-8859-1
>>
>>AddCharset ISO-8859-1 .iso8859-1 .latin1
>>AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
>>AddCharset ISO-8859-3 .iso8859-3 .latin3
>>AddCharset ISO-8859-4 .iso8859-4 .latin4
>>AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
>>AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
>>AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
>>AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
>>AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
>>AddCharset ISO-2022-JP .iso2022-jp .jis
>>AddCharset ISO-2022-KR .iso2022-kr .kis
>>AddCharset ISO-2022-CN .iso2022-cn .cis
>>AddCharset Big5 .Big5 .big5
>>AddCharset WINDOWS-1251 .cp-1251 .win-1251
>>AddCharset CP866 .cp866
>>AddCharset KOI8-r .koi8-r .koi8-ru
>>AddCharset KOI8-ru .koi8-uk .ua
>>AddCharset ISO-10646-UCS-2 .ucs2
>>AddCharset ISO-10646-UCS-4 .ucs4
>>AddCharset UTF-8 .utf8
>>
>>AddCharset GB2312 .gb2312 .gb
>>AddCharset utf-7 .utf7
>>AddCharset utf-8 .utf8
>>AddCharset big5 .big5 .b5
>>AddCharset EUC-TW .euc-tw
>>AddCharset EUC-JP .euc-jp
>>AddCharset EUC-KR .euc-kr
>>AddCharset shift_jis .sjis
>>
>>AddType application/x-tar .tgz
>>
>>
>>
>>AddHandler imap-file map
>>
>>AddHandler type-map var
>>
>>AddOutputFilter INCLUDES .shtml
>>
>>
>>
>>
>>Alias /error/ "/var/www/error/"
>>
>><IfModule mod_negotiation.c>
>><IfModule mod_include.c>
>> <Directory "/var/www/error">
>> AllowOverride None
>> Options IncludesNoExec
>> AddOutputFilter Includes html
>> AddHandler type-map var
>> Order allow,deny
>> Allow from all
>> LanguagePriority en es de fr
>> ForceLanguagePriority Prefer Fallback
>> </Directory>
>>
>> ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
>> ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
>> ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
>> ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
>> ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
>> ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
>> ErrorDocument 410 /error/HTTP_GONE.html.var
>> ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
>> ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
>> ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
>> ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
>> ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>> ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>> ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
>> ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
>> ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>> ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
>>
>></IfModule>
>></IfModule>
>>
>>BrowserMatch "Mozilla/2" nokeepalive
>>BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>BrowserMatch "Java/1\.0" force-response-1.0
>>BrowserMatch "JDK/1\.0" force-response-1.0
>>
>>BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
>>BrowserMatch "^WebDrive" redirect-carefully
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>Options Indexes
>>AuthType Basic
>>AuthName Security
>>AuthUserFile /etc/httpd/pass/passwd
>> <Limit GET>
>>Require user Security
>> </Limit>
>></Directory>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>NameVirtualHost 155.102.104.1:80
>>NameVirtualHost 155.102.104.1:727
>>
>>
>><VirtualHost 155.102.104.1:80>
>>ServerName xena2
>>DocumentRoot /var/www/html
>></VirtualHost>
>>
>>
>><VirtualHost 155.102.104.1:727>
>>ServerName xena2
>>DocumentRoot /var/www/html2
>></VirtualHost>
>>
>>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>
--
__________________________________________________________
Dow Hurst Office: 770-499-3428 *
Systems Support Specialist Fax: 770-423-6744 *
1000 Chastain Rd. Bldg. 12 *
Chemistry Department SC428 Email: dhurst at kennesaw.edu *
Kennesaw State University Dow.Hurst at mindspring.com *
Kennesaw, GA 30144 *
************************************************************
This message (including any attachments) contains *
confidential information intended for a specific individual*
and purpose, and is protected by law. If you are not the *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it, *
is strictly prohibited. *
************************************************************
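
An added example, not part of either message: a small audit over the access-control sections of the quoted httpd.conf. It flags the FollowSymLinks option asked about in the reply, and also a Require placed inside <Limit GET>, which leaves methods other than those listed unauthenticated. The sample is constructed from the post; the path "/var/www/html/protected" and the function name audit are assumptions, since the opening <Directory> line of the protected folder is missing from the post.

```python
import re

# Constructed sample: access-control sections taken from the quoted httpd.conf.
# "/var/www/html/protected" is a placeholder; the real path is missing from the post.
SAMPLE = '''
<Directory />
 Options FollowSymLinks
</Directory>
<Directory "/var/www/html">
 Options Indexes FollowSymLinks
 Order allow,deny
 Allow from all
</Directory>
<Directory "/var/www/html/protected">
 Options Indexes
 AuthType Basic
 AuthName Security
 AuthUserFile /etc/httpd/pass/passwd
 <Limit GET>
 Require user Security
 </Limit>
</Directory>
'''

def audit(conf):
    """Return sorted (directory, finding) pairs for the <Directory> blocks in conf."""
    findings, section, in_limit = set(), None, False
    for raw in conf.splitlines():
        line = raw.strip()
        m = re.match(r'<Directory\s+"?([^">]+)"?\s*>', line, re.I)
        if m:
            section = m.group(1)
        elif re.match(r'</Directory>', line, re.I):
            section = None
        elif section is None:
            continue  # only directives inside a <Directory> block are audited
        elif re.match(r'<Limit\s', line, re.I):  # <LimitExcept> is not matched
            in_limit = True
        elif re.match(r'</Limit>', line, re.I):
            in_limit = False
        elif re.match(r'Options\b', line, re.I) and re.search(r'(?<!-)\bFollowSymLinks\b', line, re.I):
            findings.add((section, "FollowSymLinks on; SymLinksIfOwnerMatch is the stricter option"))
        elif re.match(r'Require\b', line, re.I) and in_limit:
            findings.add((section, "Require inside <Limit>: methods not listed are not authenticated"))
    return sorted(findings)

if __name__ == "__main__":
    for section, finding in audit(SAMPLE):
        print(f"{section}: {finding}")
```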