brian 96/07/03 10:18:13
Modified: conf access.conf-dist Log: Changes to make access.conf more secure for the newbie fresh installation. Revision Changes Path 1.3 +16 -28 apache/conf/access.conf-dist Index: access.conf-dist =================================================================== RCS file: /export/home/cvs/apache/conf/access.conf-dist,v retrieving revision 1.2 retrieving revision 1.3 diff -C3 -r1.2 -r1.3 *** access.conf-dist 1996/04/11 06:05:49 1.2 --- access.conf-dist 1996/07/03 17:18:11 1.3 *************** *** 10,20 **** # Originally by Rob McCool - # /usr/local/etc/httpd/ should be changed to whatever you set ServerRoot to. - <Directory /usr/local/etc/httpd/cgi-bin> - Options Indexes FollowSymLinks - </Directory> - # This should be changed to whatever you set DocumentRoot to. <Directory /usr/local/etc/httpd/htdocs> --- 10,15 ---- *************** *** 27,70 **** Options Indexes FollowSymLinks - # This option allows you to turn on the XBitHack behavior, which allows you - # to make text/html server-parsed by activating the owner x bit with chmod. - # This directive may be used wherever Options may, and has three - # possible arguments: Off, On or Full. If set to full, Apache will also - # add a Last-Modified header to the document if the group x bit is set. - - # Unless the server has been compiled with -DXBITHACK, this function is - # off by default. To use, uncomment the following line: - - #XBitHack Full - # This controls which options the .htaccess files in directories can ! # override. Can also be "None", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" ! AllowOverride All # Controls who can get stuff from this server. - <Limit GET> order allow,deny allow from all - </Limit> </Directory> # Allow server status reports, with the URL of http://servername/status # Change the ".nowhere.com" to match your domain to enable. ! <Location /status> ! SetHandler server-status ! <Limit GET> ! order deny,allow ! deny from all ! allow from .nowhere.com ! </Limit> ! </Location> # You may place any other directories or locations you wish to have # access information for after this one. --- 22,58 ---- Options Indexes FollowSymLinks # This controls which options the .htaccess files in directories can ! # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" ! AllowOverride None # Controls who can get stuff from this server. order allow,deny allow from all </Directory> + # /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased + # CGI directory exists, if you have that configured. + + <Directory /usr/local/etc/httpd/cgi-bin> + AllowOverride None + Options None + </Directory> + # Allow server status reports, with the URL of http://servername/status # Change the ".nowhere.com" to match your domain to enable. ! #<Location /status> ! #SetHandler server-status ! #order deny,allow ! #deny from all ! #allow from .nowhere.com ! #</Location> # You may place any other directories or locations you wish to have # access information for after this one.