Re: [opensuse-packaging] Packaging web-apps for Apache 2.2/2.4 containing require/deny sections

Am Freitag, 24. April 2015, 10:44:02 schrieb Johannes Weberhofer:

Dear all!

Recently many Webapp packages contain complicated constructions to allow/deny access to directories; those constructions can IMHO be simplified.

1) Allow access. To ensured that access on Apache 2.4 is allowed it must be ensured that the compatibility module (if installed) allows access _and_ the new module, too. Both could inherit DENY from other paths:

<IfVersion >= 2.4> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> Require all granted </IfVersion> Order allow,deny Allow from all </IfVersion>

2) Disallow access. For Apache 2.4 it's enough to disallow access with one strategy. So the structure can be more simple:

<IfVersion >= 2.4> Require all denied </IfVersion> Order allow,deny Deny from all </IfVersion>

Is this logic correct? Does anyone see a problem with that? Shall that be documented in the wiki?

Point 1 seems from new bugzilla source. Diskussion about that at: https://bugzilla.mozilla.org/show_bug.cgi?id=1121477 I normaly use: <IfModule mod_authz_core.c> # Apache 2.4 Require all granted </IfModule> # Apache 2.2 Order allow,deny Allow from all </IfModule> and the complement for deny. Regards Eric -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org