On 5/13/24 15:42, Chris me wrote:
The Apache docs recommend dong this to setup a default deny to file
locations:
<Directory "/">
Require all denied
</Directory>
Do I do that in httpd.conf or do I add that to each <virtualhost> entry?
If you do it in httpd.conf (which I assume would be a server-wide scope
for you), it will be applied globally and thus within every virtualhost
scope as well. You should then, within each virtualhost scope,
explicitly allow access to the documentroot and other directories you
wish to have open for reading.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
