Your root directory / should always be Deny from all. Then you allow access
to other directories per need.
On Sep 30, 2011 7:25 AM, "Brandon Phelps" <bphe...@gls.com> wrote:
> Hello all,
>
> I am a bit confused regarding the difference between:
>
> <Directory />
> Options FollowSymLinks
> AllowOverride None
> </Directory>
>
> and:
>
> <Directory /var/www/>
> Options Indexes FollowSymLinks MultiViews
> AllowOverride None
> Order allow,deny
> allow from all
> </Directory>
>
> I am trying to lock down the server to only allow connections from my
local subnet, so should I place these Order/Allow/Deny statements in the /
directory block, or the /var/www?
>
> Thanks!
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> " from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
