##
## access.conf -- Apache HTTP server configuration file
##

# access.conf: Global access configuration
# Online docs at http://www.apache.org/

# This file defines server settings which affect which types of services
# are allowed, and in what circumstances. 

# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories). 

# Originally by Rob McCool

# First, we configure the "default" to be a very restrictive set of 
# permissions.  

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

# User directories
<Directory /home>
Options Indexes IncludesNoExec
AllowOverride None
</Directory>

# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.

# This should be changed to whatever you set DocumentRoot to.

<Directory "/home/httpd/html">

# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".

# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.

Options Indexes Includes FollowSymLinks

# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo", 
# "AuthConfig", and "Limit"

AllowOverride None

# Controls who can get stuff from this server.

order allow,deny
allow from all

</Directory>

# /home/httpd/cgi-bin should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.

<Directory "/home/httpd/cgi-bin">
AllowOverride None
Options ExecCGI
</Directory>

# Allow remote server configuration reports, with the URL of
#  http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your_domain.com" to match your domain to enable.

<Location /server-info>
SetHandler server-info

order deny,allow
deny from all
allow from 127.0.0.1
</Location>

# There have been reports of people trying to abuse an old bug from pre-1.1
# days.  This bug involved a CGI script distributed as a part of Apache.
# By uncommenting these lines you can redirect these attacks to a logging 
# script on phf.apache.org.  Or, you can record them yourself, using the script
# support/phf_abuse_log.cgi.

<Location /cgi-bin/phf*>
deny from all
ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
</Location>

# You may place any other directories or locations you wish to have
# access information for after this one.