You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Marc Slemko <ma...@znep.com> on 1998/07/17 02:38:27 UTC
mod_proxy/2547: Proxy module does not appear to obey access directives (fwd)
You know, I just realized that this may be due to broken canonicalization
too...
Haven't tried it myself.
---------- Forwarded message ----------
Date: 3 Jul 1998 16:25:11 -0000
From: David Pendlebury <pe...@rocketmail.com>
To: apbugs@hyperreal.org
Subject: mod_proxy/2547: Proxy module does not appear to obey access directives
>Number: 2547
>Category: mod_proxy
>Synopsis: Proxy module does not appear to obey access directives
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Fri Jul 3 09:30:01 PDT 1998
>Last-Modified:
>Originator: pendlebury@rocketmail.com
>Organization:
apache
>Release: 1.3.0
>Environment:
Windows NT 4.0 SP3 with hotfixes
Apache compiled with MSVC++ 5.0 SP3
>Description:
I do not seem to be able to restrict access to the proxy module using the <Directory> directive. I have the following access.conf:
<Directory />
Order Deny,Allow
Deny from All
Options None
AllowOverride None
</Directory>
<Directory proxy:*>
order deny,allow
deny from All
Options None
AllowOverride None
</Directory>
# This should be changed to whatever you set DocumentRoot to.
<Directory "C:/Apache/htdocs/">
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you (or at least, not yet).
Options Indexes FollowSymLinks
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
AllowOverride None
#Controls who can get stuff from this server.
order deny,allow
allow from *
</Directory>
# /apache/cgi-bin should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured..
<Directory /apache/cgi-bin>
AllowOverride None
Options None
</Directory>
>How-To-Repeat:
Try these settings:
<Directory proxy:*>
order deny,allow
deny from All
Options None
AllowOverride None
</Directory>
I'm perfectly willing to accept I've screwed up in some way, but can't figure out how.
>Fix:
Sorry, no.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]