> -----Original Message----- > From: Nick Kew [mailto:n...@webthing.com] > Sent: Montag, 10. Juni 2013 16:02 > To: dev@httpd.apache.org > Subject: Re: "Forbid" directive in core? > > > On 10 Jun 2013, at 14:35, Eric Covener wrote: > > > I'd like to add an immutable Forbid directive to the core and use it > > in some places in the default configuration instead of "require all > > denied". > > > > http://people.apache.org/~covener/forbid.diff > > > > This protects from a broad <Location or <If being added that > > supercedes Directory/Files. > > > > I thought someone might object to the duplication w/ AAA or the > > presence in the core, so opting for RTC. > > Why indeed in core?
Indeed, why in core? And what is bad about "require all denied"? Regards Rüdiger
