You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by " (Lars Eilebrecht)" <la...@apache.org> on 1998/09/01 20:40:00 UTC

Re: mod_auth-any/2938: The server just lets everyone in, and see

The following reply was made to PR mod_auth-any/2938; it has been noted by GNATS.

From: (Lars Eilebrecht) <la...@apache.org>
To: (Apache GNATS) <ap...@apache.org>
Cc:  Subject: Re: mod_auth-any/2938: The server just lets everyone in, and see
Date: Tue, 01 Sep 1998 20:53:22 +0200 (CEST)

 According to Michael Davon:

 >   <Directory */members>
 >   options includes followsymlinks execcgi
 >   AuthDBMUserFile /www/data/passwd/passwd
 >   AuthGroupFile /www/data/group/group
 >   AuthType Basic
 >   AuthName HotSexPics
 >   <Limit GET POST>
 >   require valid-user
 >   </Limit>
 >   </Directory>

 From our upgrading_to_1_3.html file:

   When using wildcards in pathnames (such as * and ?) they no longer match /
   (slash). That is, they more closely behave how a UNIX shell behaves. This
   affects <Directory> directives, for example. 

 You may want to change your config to use either <DirectoryMatch> or
 <LocationMatch>.

 P.S.: And you should remove the lines "<Limit GET POST>" and "</Limit>".
       They are superfluous rsp. wrong.

 Regards...
 -- 
 Lars Eilebrecht
 lars@apache.org