You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/02/21 16:16:49 UTC

DO NOT REPLY [Bug 38733] - mod_access doesn't obey any allow/deny rules when using a limit connect statement

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38733>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=38733


nd@perlig.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX




------- Additional Comments From nd@perlig.de  2006-02-21 16:16 -------
One could say, it's a design problem, a well known, though.

You configuration says, literally:

Deny all URLs beginning with /, but only if the HTTP method is CONNECT. This
overrides any rules before - as usual. But not what you obviously have expected
in this case.

We're not gonna change the configuration mechanism in 2.0. There's a lot of work
going on in the 2.3 development branch, though.

Solution in your case: Alaways test you access configurations. Drop the
CONNECT-403 thing. It's not necessary at all (and obviously jeopardizes your
whole config).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org