]>
Commit | Line | Data |
---|---|---|
4af76ed4 | 1 | ## |
2 | ## access.conf -- Apache HTTP server configuration file | |
3 | ## | |
4 | ||
5 | # access.conf: Global access configuration | |
6 | # Online docs at http://www.apache.org/ | |
7 | ||
8 | # This file defines server settings which affect which types of services | |
9 | # are allowed, and in what circumstances. | |
10 | ||
11 | # Each directory to which Apache has access, can be configured with respect | |
12 | # to which services and features are allowed and/or disabled in that | |
13 | # directory (and its subdirectories). | |
14 | ||
15 | # Originally by Rob McCool | |
16 | ||
17 | # First, we configure the "default" to be a very restrictive set of | |
18 | # permissions. | |
19 | ||
20 | <Directory /> | |
21 | Options FollowSymLinks | |
22 | AllowOverride None | |
23 | </Directory> | |
24 | ||
25 | # User directories | |
26 | <Directory /home> | |
27 | Options Indexes IncludesNoExec | |
28 | AllowOverride None | |
29 | </Directory> | |
30 | ||
31 | # Note that from this point forward you must specifically allow | |
32 | # particular features to be enabled - so if something's not working as | |
33 | # you might expect, make sure that you have specifically enabled it | |
34 | # below. | |
35 | ||
36 | # This should be changed to whatever you set DocumentRoot to. | |
37 | ||
38 | <Directory "/home/httpd/html"> | |
39 | ||
40 | # This may also be "None", "All", or any combination of "Indexes", | |
41 | # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". | |
42 | ||
43 | # Note that "MultiViews" must be named *explicitly* --- "Options All" | |
44 | # doesn't give it to you. | |
45 | ||
46 | Options Indexes Includes FollowSymLinks | |
47 | ||
48 | # This controls which options the .htaccess files in directories can | |
49 | # override. Can also be "All", or any combination of "Options", "FileInfo", | |
50 | # "AuthConfig", and "Limit" | |
51 | ||
52 | AllowOverride None | |
53 | ||
54 | # Controls who can get stuff from this server. | |
55 | ||
56 | order allow,deny | |
57 | allow from all | |
58 | ||
59 | </Directory> | |
60 | ||
61 | # /home/httpd/cgi-bin should be changed to whatever your ScriptAliased | |
62 | # CGI directory exists, if you have that configured. | |
63 | ||
64 | <Directory "/home/httpd/cgi-bin"> | |
65 | AllowOverride None | |
66 | Options ExecCGI | |
67 | </Directory> | |
68 | ||
4af76ed4 | 69 | # Allow remote server configuration reports, with the URL of |
70 | # http://servername/server-info (requires that mod_info.c be loaded). | |
71 | # Change the ".your_domain.com" to match your domain to enable. | |
72 | ||
73 | <Location /server-info> | |
74 | SetHandler server-info | |
75 | ||
76 | order deny,allow | |
77 | deny from all | |
78 | allow from 127.0.0.1 | |
79 | </Location> | |
80 | ||
81 | # There have been reports of people trying to abuse an old bug from pre-1.1 | |
82 | # days. This bug involved a CGI script distributed as a part of Apache. | |
83 | # By uncommenting these lines you can redirect these attacks to a logging | |
84 | # script on phf.apache.org. Or, you can record them yourself, using the script | |
85 | # support/phf_abuse_log.cgi. | |
86 | ||
87 | <Location /cgi-bin/phf*> | |
88 | deny from all | |
89 | ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi | |
90 | </Location> | |
91 | ||
92 | # You may place any other directories or locations you wish to have | |
93 | # access information for after this one. | |
94 |