You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Nico De Ranter <ni...@sonycom.com> on 2009/09/16 17:10:24 UTC

[users@httpd] .htaccess not honoured anymore

Hi,

I recently enabled access control on all folders of my apache server by
adding the following section:

<Location "/">
        AuthzLDAPAuthoritative off
        AuthBasicProvider ldap
        AuthType Basic
...

        Require valid-user
</Location>

The idea is that I can refine this for every folder by adding something
like:

<Location "/trac/mytrac">
        Require ldap-group ...
</Location>

without having to copy the other Auth... directives (which contain the
username and password for my LDAP server).

This works fine, however after doing this all .htaccess files in user's
homedirectories are being ignored.

Any ideas how to fix this?

Nico




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Industry Acceptable % of Timeout failures (502s)

Posted by Jignesh Badani <jb...@mmsa.com>.

Hello, is there an industry standard for acceptable % of Timeout related 
failures on one's website ?

We have a server farm of 3 Apache RP proxying almost everything to the 
back-end content and app farms of about 40-50 servers. The user base is 
small but fairly active (about 2.5mil hits per day & 17GB-20GB traffic 
served from all RPs combined)

We have a current Timeout related 502 messages of about 0.3% of the total 
successful hits (http 200).  Is that on the high side or acceptable? If 
there is an website about the same, please point me to it.

The reason I ask is that we are very short handed and we cannot go really 
chasing the App or the content folks for every 502s getting logged.

regards
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - 
JB

Re: [users@httpd] .htaccess not honoured anymore

Posted by Nico De Ranter <ni...@sonycom.com>.

Doh, that explains a couple of things.

Thanks for the link!

Nico


On Wed, 2009-09-16 at 18:22 +0200, Bob Ionescu wrote:
> 2009/9/16 Nico De Ranter <ni...@sonycom.com>:
> > however the 'require' directive doesn't seem to have any effect anymore?
> 
> You're overriding it with your <Location > definition. A location
> section overrides directives placed in .htaccess files, see
> http://httpd.apache.org/docs/2.2/sections.html#mergin
> 
> Bob
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] .htaccess not honoured anymore

Posted by Bob Ionescu <bo...@googlemail.com>.

2009/9/16 Nico De Ranter <ni...@sonycom.com>:
> however the 'require' directive doesn't seem to have any effect anymore?

You're overriding it with your <Location > definition. A location
section overrides directives placed in .htaccess files, see
http://httpd.apache.org/docs/2.2/sections.html#mergin

Bob

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] .htaccess not honoured anymore

Posted by Nico De Ranter <ni...@sonycom.com>.

One more note:  I grepped all the apache config files for
'allowoverride': all of them are either 'All' or 'None' (in which case
garbage in .htaccess shouldn't result in a server error as it won't be
read at all).  So I'm sure .htaccess is read and no allowoverride
statement keeps me from using 'require', but it still doesn't work.  Any
ideas what else may be wrong?

Nico

On Wed, 2009-09-16 at 17:51 +0200, Nico De Ranter wrote:
> Hmm,
> 
> following the troubleshooting section on
> http://httpd.apache.org/docs/2.2/howto/htaccess.html I put some garbage
> in the .htaccess and got a server error. So the .htaccess is read,
> however the 'require' directive doesn't seem to have any effect anymore?
> 
> Nico
> 
> On Wed, 2009-09-16 at 17:10 +0200, Nico De Ranter wrote:
> > Hi,
> > 
> > I recently enabled access control on all folders of my apache server by
> > adding the following section:
> > 
> > <Location "/">
> >         AuthzLDAPAuthoritative off
> >         AuthBasicProvider ldap
> >         AuthType Basic
> > ...
> > 
> >         Require valid-user
> > </Location>
> > 
> > The idea is that I can refine this for every folder by adding something
> > like:
> > 
> > <Location "/trac/mytrac">
> >         Require ldap-group ...
> > </Location>
> > 
> > without having to copy the other Auth... directives (which contain the
> > username and password for my LDAP server).
> > 
> > This works fine, however after doing this all .htaccess files in user's
> > homedirectories are being ignored.
> > 
> > Any ideas how to fix this?
> > 
> > Nico
> > 
> > 
> > 
> > 
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] .htaccess not honoured anymore

Posted by Nico De Ranter <ni...@sonycom.com>.

Hmm,

following the troubleshooting section on
http://httpd.apache.org/docs/2.2/howto/htaccess.html I put some garbage
in the .htaccess and got a server error. So the .htaccess is read,
however the 'require' directive doesn't seem to have any effect anymore?

Nico

On Wed, 2009-09-16 at 17:10 +0200, Nico De Ranter wrote:
> Hi,
> 
> I recently enabled access control on all folders of my apache server by
> adding the following section:
> 
> <Location "/">
>         AuthzLDAPAuthoritative off
>         AuthBasicProvider ldap
>         AuthType Basic
> ...
> 
>         Require valid-user
> </Location>
> 
> The idea is that I can refine this for every folder by adding something
> like:
> 
> <Location "/trac/mytrac">
>         Require ldap-group ...
> </Location>
> 
> without having to copy the other Auth... directives (which contain the
> username and password for my LDAP server).
> 
> This works fine, however after doing this all .htaccess files in user's
> homedirectories are being ignored.
> 
> Any ideas how to fix this?
> 
> Nico
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org