[ale] Problems with "browsing" apache protected folders

Armsby John-G16665 John.Armsby at motorola.com
Wed Mar 31 11:32:44 EST 2004


Those were the defaults that came with the httpd.conf.  At this point, I am trying to get my "basics" to work.

John


-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of Dow
Hurst
Sent: Wednesday, March 31, 2004 9:53 AM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] Problems with "browsing" apache protected folders


I am not answering your question cause I don't know it!  But, shouldn't your 
policy be deny then allow?  And, why would you allow following symlinks? Just 
curious as to your reasons since I thought both of those were not the best 
policy to follow.  I knew a little about 1.3 series but haven't had to deal 
with the 2 version at all.
Dow


Armsby John-G16665 wrote:
> All,
> 
> I have been struggling with RedHat 9, Apache2, and password protected folders under the document root.  
> 
> The good:  I can password selected directories/folders via the Directory directive in httpd.conf.  I can type in the appropriate URL and a password popup appears.
> 
> The bad:  With apache 1.3.x I could select the appropriate URL pointing to a folder  under the document root system and "browse" down the directory system until I selected the password protected folder.  Double clicking on the password protected folder resulted in a password popup.  With apache 2 I can still browse but I CAN NO LONGER "SEE" THE PROTECTED FOLDER.  IT IS INVISIBLE!   If I remove/comment the Directory directive, I can now "see" the now unprotected folder.
> 
> I am stumped.  A complication is that I am running (successfully) a virtual server.  Virtual 1 is on port 80.  Virtual 2 is port 727.  Apache specified I had to create two virtual servers, no one for the 727 port.
> 
> Below is my httpd.conf.  I have cross posted to the apache configuration group.
> 
> Any help would be appreciated.
> 
> John
> 
> 
> 
> 
> 
>>ServerTokens OS
>>
>>ServerRoot "/etc/httpd"
>>
>>
>>PidFile run/httpd.pid
>>
>>Timeout 300
>>
>>KeepAlive Off
>>
>>MaxKeepAliveRequests 100
>>
>>KeepAliveTimeout 15
>>
>>
>><IfModule prefork.c>
>>StartServers       8
>>MinSpareServers    5
>>MaxSpareServers   20
>>MaxClients       150
>>MaxRequestsPerChild  1000
>></IfModule>
>>
>><IfModule worker.c>
>>StartServers         2
>>MaxClients         150
>>MinSpareThreads     25
>>MaxSpareThreads     75
>>ThreadsPerChild     25
>>MaxRequestsPerChild  0
>></IfModule>
>>
>><IfModule perchild.c>
>>NumServers           5
>>StartThreads         5
>>MinSpareThreads      5
>>MaxSpareThreads     10
>>MaxThreadsPerChild  20
>>MaxRequestsPerChild  0
>></IfModule>
>>
>>Listen 80
>>Listen 727
>>
>>Include conf.d/*.conf
>>
>>LoadModule access_module modules/mod_access.so
>>LoadModule auth_module modules/mod_auth.so
>>LoadModule auth_anon_module modules/mod_auth_anon.so
>>LoadModule auth_dbm_module modules/mod_auth_dbm.so
>>LoadModule auth_digest_module modules/mod_auth_digest.so
>>LoadModule include_module modules/mod_include.so
>>LoadModule log_config_module modules/mod_log_config.so
>>LoadModule env_module modules/mod_env.so
>>LoadModule mime_magic_module modules/mod_mime_magic.so
>>LoadModule cern_meta_module modules/mod_cern_meta.so
>>LoadModule expires_module modules/mod_expires.so
>>LoadModule headers_module modules/mod_headers.so
>>LoadModule usertrack_module modules/mod_usertrack.so
>>LoadModule unique_id_module modules/mod_unique_id.so
>>LoadModule setenvif_module modules/mod_setenvif.so
>>LoadModule mime_module modules/mod_mime.so
>>LoadModule dav_module modules/mod_dav.so
>>LoadModule status_module modules/mod_status.so
>>LoadModule autoindex_module modules/mod_autoindex.so
>>LoadModule asis_module modules/mod_asis.so
>>LoadModule info_module modules/mod_info.so
>>LoadModule dav_fs_module modules/mod_dav_fs.so
>>LoadModule vhost_alias_module modules/mod_vhost_alias.so
>>LoadModule negotiation_module modules/mod_negotiation.so
>>LoadModule dir_module modules/mod_dir.so
>>LoadModule imap_module modules/mod_imap.so
>>LoadModule actions_module modules/mod_actions.so
>>LoadModule speling_module modules/mod_speling.so
>>LoadModule userdir_module modules/mod_userdir.so
>>LoadModule alias_module modules/mod_alias.so
>>LoadModule rewrite_module modules/mod_rewrite.so
>>LoadModule proxy_module modules/mod_proxy.so
>>LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
>>LoadModule proxy_http_module modules/mod_proxy_http.so
>>LoadModule proxy_connect_module modules/mod_proxy_connect.so
>>
>><IfModule prefork.c>
>>LoadModule cgi_module modules/mod_cgi.so
>></IfModule>
>>
>><IfModule worker.c>
>>LoadModule cgid_module modules/mod_cgid.so
>></IfModule>
>>
>>
>>
>>User apache
>>Group dc
>>
>>ServerAdmin john.armsby at motorola.com
>>
>>ServerName xena2
>>UseCanonicalName Off
>>
>>DocumentRoot "/var/www/html"
>>
>><Directory />
>>    Options FollowSymLinks
>>    AllowOverride None
>></Directory>
>>
>>
>><Directory "/var/www/html">
>>
>>    Options Indexes FollowSymLinks
>>
>>    AllowOverride None
>>
>>    Order allow,deny
>>    Allow from all
>>
>></Directory>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>><LocationMatch "^/$>
>>    Options -Indexes
>>    ErrorDocument 403 /error/noindex.html
>></LocationMatch>
>>
>><IfModule mod_userdir.c>
>>    UserDir disable
>>
>>
>></IfModule>
>>
>>
>>DirectoryIndex index.html index.html.var
>>
>>AccessFileName .htaccess
>>
>><Files ~ "^\.ht">
>>    Order allow,deny
>>    Deny from all
>></Files>
>>
>>TypesConfig /etc/mime.types
>>
>>DefaultType text/plain
>>
>><IfModule mod_mime_magic.c>
>>    MIMEMagicFile conf/magic
>></IfModule>
>>
>>HostnameLookups Off
>>
>>ErrorLog logs/error_log
>>
>>LogLevel warn
>>
>>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
> 
> combined
> 
>>LogFormat "%h %l %u %t \"%r\" %>s %b" common
>>LogFormat "%{Referer}i -> %U" referer
>>LogFormat "%{User-agent}i" agent
>>
>>CustomLog logs/access_log combined
>>
>>
>>
>>ServerSignature On
>>
>>Alias /icons/ "/var/www/icons/"
>>
>><Directory "/var/www/icons">
>>    Options Indexes MultiViews
>>    AllowOverride None
>>    Order allow,deny
>>    Allow from all
>></Directory>
>>
>>Alias /manual "/var/www/manual"
>>
>><Directory "/var/www/manual">
>>    Options Indexes FollowSymLinks MultiViews
>>    AllowOverride None
>>    Order allow,deny
>>    Allow from all
>></Directory>
>>
>><IfModule mod_dav_fs.c>
>>    DAVLockDB /var/lib/dav/lockdb
>></IfModule>
>>
>>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>>
>><IfModule mod_cgid.c>
>>Scriptsock            run/httpd.cgid
>></IfModule>
>>
>><Directory "/var/www/cgi-bin">
>>    AllowOverride None
>>    Options None
>>    Order allow,deny
>>    Allow from all
>></Directory>
>>
>>
>>
>>IndexOptions FancyIndexing VersionSort NameWidth=*
>>
>>AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>>
>>AddIconByType (TXT,/icons/text.gif) text/*
>>AddIconByType (IMG,/icons/image2.gif) image/*
>>AddIconByType (SND,/icons/sound2.gif) audio/*
>>AddIconByType (VID,/icons/movie.gif) video/*
>>
>>AddIcon /icons/binary.gif .bin .exe
>>AddIcon /icons/binhex.gif .hqx
>>AddIcon /icons/tar.gif .tar
>>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
>>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>>AddIcon /icons/a.gif .ps .ai .eps
>>AddIcon /icons/layout.gif .html .shtml .htm .pdf
>>AddIcon /icons/text.gif .txt
>>AddIcon /icons/c.gif .c
>>AddIcon /icons/p.gif .pl .py
>>AddIcon /icons/f.gif .for
>>AddIcon /icons/dvi.gif .dvi
>>AddIcon /icons/uuencoded.gif .uu
>>AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
>>AddIcon /icons/tex.gif .tex
>>AddIcon /icons/bomb.gif core
>>
>>AddIcon /icons/back.gif ..
>>AddIcon /icons/hand.right.gif README
>>AddIcon /icons/folder.gif ^^DIRECTORY^^
>>AddIcon /icons/blank.gif ^^BLANKICON^^
>>
>>DefaultIcon /icons/unknown.gif
>>
>>
>>ReadmeName README.html
>>HeaderName HEADER.html
>>
>>
>>AddEncoding x-compress Z
>>AddEncoding x-gzip gz tgz
>>
>>AddLanguage da .dk
>>AddLanguage nl .nl
>>AddLanguage en .en
>>AddLanguage et .et
>>AddLanguage fr .fr
>>AddLanguage de .de
>>AddLanguage he .he
>>AddLanguage el .el
>>AddLanguage it .it
>>AddLanguage ja .ja
>>AddLanguage pl .po
>>AddLanguage kr .kr
>>AddLanguage pt .pt
>>AddLanguage nn .nn
>>AddLanguage no .no
>>AddLanguage pt-br .pt-br
>>AddLanguage ltz .ltz
>>AddLanguage ca .ca
>>AddLanguage es .es
>>AddLanguage sv .se
>>AddLanguage cz .cz
>>AddLanguage ru .ru
>>AddLanguage tw .tw
>>AddLanguage zh-tw .tw
>>AddLanguage hr .hr
>>
>>LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ltz ca es sv
> 
> tw
> 
>>ForceLanguagePriority Prefer Fallback
>>
>>AddDefaultCharset ISO-8859-1
>>
>>AddCharset ISO-8859-1  .iso8859-1  .latin1
>>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
>>AddCharset ISO-8859-3  .iso8859-3  .latin3
>>AddCharset ISO-8859-4  .iso8859-4  .latin4
>>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
>>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
>>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
>>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
>>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
>>AddCharset ISO-2022-JP .iso2022-jp .jis
>>AddCharset ISO-2022-KR .iso2022-kr .kis
>>AddCharset ISO-2022-CN .iso2022-cn .cis
>>AddCharset Big5        .Big5       .big5
>>AddCharset WINDOWS-1251 .cp-1251   .win-1251
>>AddCharset CP866       .cp866
>>AddCharset KOI8-r      .koi8-r .koi8-ru
>>AddCharset KOI8-ru     .koi8-uk .ua
>>AddCharset ISO-10646-UCS-2 .ucs2
>>AddCharset ISO-10646-UCS-4 .ucs4
>>AddCharset UTF-8       .utf8
>>
>>AddCharset GB2312      .gb2312 .gb
>>AddCharset utf-7       .utf7
>>AddCharset utf-8       .utf8
>>AddCharset big5        .big5 .b5
>>AddCharset EUC-TW      .euc-tw
>>AddCharset EUC-JP      .euc-jp
>>AddCharset EUC-KR      .euc-kr
>>AddCharset shift_jis   .sjis
>>
>>AddType application/x-tar .tgz
>>
>>
>>
>>AddHandler imap-file map
>>
>>AddHandler type-map var
>>
>>AddOutputFilter INCLUDES .shtml
>>
>>
>>
>>
>>Alias /error/ "/var/www/error/"
>>
>><IfModule mod_negotiation.c>
>><IfModule mod_include.c>
>>    <Directory "/var/www/error">
>>        AllowOverride None
>>        Options IncludesNoExec
>>        AddOutputFilter Includes html
>>        AddHandler type-map var
>>        Order allow,deny
>>        Allow from all
>>        LanguagePriority en es de fr
>>        ForceLanguagePriority Prefer Fallback
>>    </Directory>
>>
>>    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
>>    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
>>    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
>>    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
>>    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
>>    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
>>    ErrorDocument 410 /error/HTTP_GONE.html.var
>>    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
>>    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
>>    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
>>    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
>>    ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>>    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>>    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
>>    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
>>    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>>    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
>>
>></IfModule>
>></IfModule>
>>
>>BrowserMatch "Mozilla/2" nokeepalive
>>BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>BrowserMatch "Java/1\.0" force-response-1.0
>>BrowserMatch "JDK/1\.0" force-response-1.0
>>
>>BrowserMatch "Microsoft Data Access Internet Publishing Provider"
> 
> redirect-carefully
> 
>>BrowserMatch "^WebDrive" redirect-carefully
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>Options Indexes
>>AuthType Basic
>>AuthName Security
>>AuthUserFile /etc/httpd/pass/passwd
>> <Limit GET>
>>Require user Security
>> </Limit>
>></Directory>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>NameVirtualHost 155.102.104.1:80
>>NameVirtualHost 155.102.104.1:727
>>
>>
>><VirtualHost 155.102.104.1:80>
>>ServerName xena2
>>DocumentRoot /var/www/html
>></VirtualHost>
>>
>>
>><VirtualHost 155.102.104.1:727>
>>ServerName xena2
>>DocumentRoot /var/www/html2
>></VirtualHost>
>>
>>
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
> 

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale



More information about the Ale mailing list