+ Set "Satisfy All" whenever available, as well on Apache 2.4+. This is required to override possible "Satisfy Any" on parent dir, which otherwise would allow direct access to data, regardless of "Require" directive. + Set "Deny from all" as well whenever available, to block access regardless of which access control directive takes priority. + Assume Apache 2.2 only, if mod_authz_core and mod_access_compat are both not available, to avoid doubled directives. In this case set "Deny from all" directive only if the providing mod_authz_host module is available. "Satisfy" is a core directive on Apache 2.2. + Update Apache version strings. Regarding the used directives/modules, Apache 2.4 and 2.5 behave the same. + Add ordering spaces to better reflect the nested directives and to match style of other .htaccess files. Fixes: #6449 (for the config directory) Signed-off-by: Micha Felle <micha@dietpi.com>pull/16792/head
MichaIng
5 years ago
committed by
GitHub
parent
dcbf8fa8e3
commit
e84cdc609a
@ -1,14 +1,23 @@ |
||||
# line below if for Apache 2.4 |
||||
# Section for Apache 2.4 and 2.5 |
||||
<ifModule mod_authz_core.c> |
||||
Require all denied |
||||
Require all denied |
||||
</ifModule> |
||||
<ifModule mod_access_compat.c> |
||||
Deny from all |
||||
Satisfy All |
||||
</ifModule> |
||||
|
||||
# line below if for Apache 2.2 |
||||
# Section for Apache 2.2 |
||||
<ifModule !mod_authz_core.c> |
||||
deny from all |
||||
<ifModule !mod_access_compat.c> |
||||
<ifModule mod_authz_host.c> |
||||
Deny from all |
||||
</ifModule> |
||||
Satisfy All |
||||
</ifModule> |
||||
</ifModule> |
||||
|
||||
# section for Apache 2.2 and 2.4 |
||||
# Section for Apache 2.2 to 2.5 |
||||
<ifModule mod_autoindex.c> |
||||
IndexIgnore * |
||||
IndexIgnore * |
||||
</ifModule> |
||||
|
||||
Loading…
Reference in new issue