Mailinglist Archive: opensuse-packaging (129 mails)

< Previous Next >
[opensuse-packaging] Packaging web-apps for Apache 2.2/2.4 containing require/deny sections
Dear all!

Recently many Webapp packages contain complicated constructions to allow/deny
access to directories; those constructions can IMHO be simplified.

1) Allow access. To ensured that access on Apache 2.4 is allowed it must be
ensured that the compatibility module (if installed) allows access _and_ the
new module, too. Both could inherit DENY from other paths:

<IfVersion >= 2.4>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>


2) Disallow access. For Apache 2.4 it's enough to disallow access with one
strategy. So the structure can be more simple:

<IfVersion >= 2.4>
Require all denied
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Deny from all
</IfVersion>



Is this logic correct? Does anyone see a problem with that? Shall that be
documented in the wiki?


--
Johannes Weberhofer
Weberhofer GmbH, Austria, Vienna
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-packaging+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups