>Number: 5317 >Category: general >Synopsis: "not found" or "forbidden" when using different <Directory /> >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Nov 15 07:20:01 PST 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.9 >Environment: FreeBSD camel.ck.tp.edu.tw 3.3-STABLE FreeBSD 3.3-STABLE #0: Fri Nov 5 07:31:35 CST 1999 >Description: If I use default httpd.conf without <Directory /> having "deny from all", once I visit http://host/~user (the user exists on the server but has no public_html) the server says "404 Not Found". That's correct, OK, but if I follow the security advices, using <Directory /> "deny from all" with <Directory /home/.+/public_html> "allow from all", I visit the same place above (and the user's situation is the same) and get "403 Forbidden".
Is it strange? It should also be "not found", right? >How-To-Repeat: Follow the steps above. >Fix: no. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, you need] [to include <[EMAIL PROTECTED]> in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
